Analysis
-
max time kernel
120s -
max time network
91s -
platform
windows7_x64 -
resource
win7v20201028 -
submitted
03-11-2020 23:11
Static task
static1
Behavioral task
behavioral1
Sample
Photo-125-137.jpg.scr
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
Photo-125-137.jpg.scr
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
Photo-125-137.jpg.scr
Malware Config
Extracted
Path
C:\4281278655928\Read_Me.txt
Ransom Note
Attention!
All your files, documents, photos, databases and other important files are encrypted
The only method of recovering files is to purchase an unique decryptor. Only we can give you this decryptor and only we can recover your files.
The server with your decryptor is in a closed network TOR. You can get there by the following ways:
----------------------------------------------------------------------------------------
1. Download Tor browser - https://www.torproject.org/
2. Install Tor browser
3. Open Tor Browser
4. Open link in TOR browser: http://25xb3kc6azicbbuo.onion/?NDSIYNDS
5. Follow the instructions on this page
----------------------------------------------------------------------------------------
On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.
Alternate communication channel here: http://helpqvrg3cc5mvb3.onion/
URLs
http://25xb3kc6azicbbuo.onion/?NDSIYNDS
http://helpqvrg3cc5mvb3.onion/
Signatures
-
Executes dropped EXE 3 IoCs
Processes:
17078.exewinsvcs.exe3697516955.exepid Process 680 17078.exe 1804 winsvcs.exe 1568 3697516955.exe -
Modifies Installed Components in the registry 2 TTPs
-
Modifies extensions of user files 2 IoCs
Ransomware generally changes the extension on encrypted files.
Processes:
3697516955.exedescription ioc Process File renamed C:\Users\Admin\Pictures\MoveDisable.raw => C:\Users\Admin\Pictures\MoveDisable.raw.ReadMe 3697516955.exe File renamed C:\Users\Admin\Pictures\StartEnter.raw => C:\Users\Admin\Pictures\StartEnter.raw.ReadMe 3697516955.exe -
Loads dropped DLL 14 IoCs
Processes:
Photo-125-137.jpg.scr17078.exewinsvcs.exe3697516955.exeMsiExec.exeMsiExec.exepid Process 1688 Photo-125-137.jpg.scr 680 17078.exe 1804 winsvcs.exe 1804 winsvcs.exe 1568 3697516955.exe 1568 3697516955.exe 1872 MsiExec.exe 1872 MsiExec.exe 1872 MsiExec.exe 1872 MsiExec.exe 1872 MsiExec.exe 1872 MsiExec.exe 1872 MsiExec.exe 1532 MsiExec.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Processes:
winsvcs.exedescription ioc Process Set value (int) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\AntiVirusOverride = "1" winsvcs.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\AntiVirusDisableNotify = "1" winsvcs.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\FirewallOverride = "1" winsvcs.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\FirewallDisableNotify = "1" winsvcs.exe -
Adds Run key to start application 2 TTPs 2 IoCs
Processes:
17078.exedescription ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\4281278655928\\winsvcs.exe" 17078.exe Set value (str) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\4281278655928\\winsvcs.exe" 17078.exe -
Drops desktop.ini file(s) 41 IoCs
Processes:
3697516955.exeexplorer.exedescription ioc Process File opened for modification C:\Users\Public\Downloads\desktop.ini 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\X6969WXQ\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Links\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Music\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Music\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Videos\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\5JH7AFHU\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Saved Games\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Documents\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Music\Sample Music\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Desktop\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Stationery\Desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Desktop\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Documents\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Pictures\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Searches\desktop.ini 3697516955.exe File opened for modification C:\Program Files\desktop.ini 3697516955.exe File opened for modification \??\M:\$RECYCLE.BIN\S-1-5-21-293278959-2699126792-324916226-1000\desktop.ini explorer.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Favorites\Links for United States\desktop.ini 3697516955.exe File opened for modification C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Favorites\Links\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Pictures\Sample Pictures\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Recorded TV\desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI 3697516955.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\6O9TWDTA\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Downloads\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Favorites\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Videos\Sample Videos\desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\XHJ74TZW\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Libraries\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Pictures\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Contacts\desktop.ini 3697516955.exe File opened for modification C:\Users\Admin\Videos\desktop.ini 3697516955.exe File opened for modification C:\Users\Public\Recorded TV\Sample Media\desktop.ini 3697516955.exe -
Enumerates connected drives 3 TTPs 47 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
Processes:
3697516955.exemsiexec.exedescription ioc Process File opened (read-only) \??\M: 3697516955.exe File opened (read-only) \??\P: msiexec.exe File opened (read-only) \??\S: msiexec.exe File opened (read-only) \??\U: msiexec.exe File opened (read-only) \??\U: 3697516955.exe File opened (read-only) \??\B: 3697516955.exe File opened (read-only) \??\F: 3697516955.exe File opened (read-only) \??\B: msiexec.exe File opened (read-only) \??\E: msiexec.exe File opened (read-only) \??\F: msiexec.exe File opened (read-only) \??\G: msiexec.exe File opened (read-only) \??\N: msiexec.exe File opened (read-only) \??\R: 3697516955.exe File opened (read-only) \??\O: 3697516955.exe File opened (read-only) \??\Z: msiexec.exe File opened (read-only) \??\V: 3697516955.exe File opened (read-only) \??\I: msiexec.exe File opened (read-only) \??\Q: msiexec.exe File opened (read-only) \??\W: msiexec.exe File opened (read-only) \??\E: 3697516955.exe File opened (read-only) \??\J: 3697516955.exe File opened (read-only) \??\G: 3697516955.exe File opened (read-only) \??\L: 3697516955.exe File opened (read-only) \??\N: 3697516955.exe File opened (read-only) \??\A: msiexec.exe File opened (read-only) \??\H: msiexec.exe File opened (read-only) \??\R: msiexec.exe File opened (read-only) \??\I: 3697516955.exe File opened (read-only) \??\A: 3697516955.exe File opened (read-only) \??\V: msiexec.exe File opened (read-only) \??\X: msiexec.exe File opened (read-only) \??\S: 3697516955.exe File opened (read-only) \??\H: 3697516955.exe File opened (read-only) \??\Z: 3697516955.exe File opened (read-only) \??\Q: 3697516955.exe File opened (read-only) \??\W: 3697516955.exe File opened (read-only) \??\J: msiexec.exe File opened (read-only) \??\K: msiexec.exe File opened (read-only) \??\L: msiexec.exe File opened (read-only) \??\T: msiexec.exe File opened (read-only) \??\Y: msiexec.exe File opened (read-only) \??\T: 3697516955.exe File opened (read-only) \??\K: 3697516955.exe File opened (read-only) \??\Y: 3697516955.exe File opened (read-only) \??\P: 3697516955.exe File opened (read-only) \??\X: 3697516955.exe File opened (read-only) \??\O: msiexec.exe -
Modifies service 2 TTPs 4 IoCs
Processes:
explorer.exeexplorer.exedescription ioc Process Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs explorer.exe -
Drops file in Program Files directory 12061 IoCs
Processes:
3697516955.exedescription ioc Process File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0287005.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Traditional.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrow.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\file_obj.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jpeg.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CNFRES.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00057_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONMAIN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Visualizer.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\epl-v10.html 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\db\lib\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cambridge_Bay 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemuxdump_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02757U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285410.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text_3.9.1.v20140827-1810.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\CERTINTL.DLL 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Media Player\Icons\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\networkinspection.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01561_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Thatch.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_OffMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.jasper.glassfish_2.2.2.v201205150955.jar 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\MSPVWCTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187883.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02738U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Khartoum 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\my\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.fr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21325_.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding_1.4.2.v20140729-1044.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_shout_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107026.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PAPERS.INI 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_decreaseindent.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ogalegit.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\is.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dhaka 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libkaraoke_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.es\Proof.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099194.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341328.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00390_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7FR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIcon.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png 3697516955.exe File created C:\Program Files (x86)\Google\Update\Download\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai 3697516955.exe File created C:\Program Files\Windows Media Player\Visualizations\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpenc.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107258.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0227558.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00260_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02228_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OMSINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7ES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14845_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00919_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105388.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\HEADING.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PNCTUATE.POC 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\URBAN_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_center.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_1.jtp 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Full.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png 3697516955.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Funafuti 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_ja.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\nio.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Honolulu 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101857.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Executive.xml 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSACC.OLB 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AU.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Address.accft 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR19F.GIF 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01074_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_ON.GIF 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsatip_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODDBS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15019_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238959.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png 3697516955.exe File opened for modification C:\Program Files\AddShow.jfif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18253_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15073_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB2A.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\Parity.fx 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00445_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297725.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR18F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZMAIN.ACCDE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Midway 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Helsinki 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspdif_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\flyout_background.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\MCESidebarCtrl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME21.CSS 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\glass.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00253_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RESUME.DPV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_ja.jar 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.InfoPath.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Brussels 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34B.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_mosaic_bridge_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\LAYERS.INF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN022.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tehran 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\SIGNUP\install.ins 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-filesystems.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-execution.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sampler.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\calendars.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GKWord.dll 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\chrome.7z 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\Read_Me.txt 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Knox 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.data\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Brunei 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-process-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0251301.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOSTYLE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Charitable Contributions.accdt 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_srt_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee100.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00780L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\TRANSMGR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Earthy.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\TOC98.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\.lastModified 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradient_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0315447.JPG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_RGB_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvm.xml 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR13F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_spellcheck.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yakutsk 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\te.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtau 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Indian\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\common.js 3697516955.exe File created C:\Program Files\VideoLAN\VLC\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239063.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21340_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.BR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WPFT632.CNV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_ja.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VisioCustom.propdesc 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdater.cer 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Clarity.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\org.eclipse.rcp_root_4.4.0.v20141007-2301 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\license.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\THOCRAPI.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386120.JPG 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pago_Pago 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromecast_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\PHONE.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107446.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01126_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00050_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00177_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Flow.thmx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libidummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47F.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadds.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen.css 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdatl3.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107456.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239191.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAIL.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libafile_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237759.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Grid.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18207_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Maceio 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\authplay.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_el.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART5.BDR 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\verify.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Gaza 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285926.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15034_.GIF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLFLTR.DAT 3697516955.exe File created C:\Program Files\Mozilla Firefox\browser\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\PAWPRINT.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\ECHO.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\WATERMAR.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsMacroTemplate.html 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-plaf.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\.lastModified 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\eu\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\Welcome.html 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SecStoreFile.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15135_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\gstreamer-lite.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153093.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Module.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21312_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\form_edit.js 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1036\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Malta 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAClientPkgUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en-GB.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01329_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199307.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02085_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15155_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GKPowerPoint.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\EXPLODE.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\USP10.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsdbgui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01294_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ulaanbaatar 3697516955.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00542_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199549.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0300520.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME18.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART3.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Ushuaia 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105974.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PRRT.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBLINK.POC 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-CN.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-1 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.common_2.10.1.v20140901-1043.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UNT 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\pdm.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0158007.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\INFOMAIL.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Atikokan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tashkent 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PROPLUS\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Wordcnvpxy.cnv 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188513.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKL.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baku 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107264.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00882_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADVTEL.DIC 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\master_preferences 3697516955.exe File opened for modification C:\Program Files\DVD Maker\WMM2CLIP.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.password.template 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\liblogger_plugin.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\fur.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0233018.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-common.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285796.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00788_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESTS.ICO 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAMEEXT.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\handsafe.reg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21315_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02126_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21376_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\servertool.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01080_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15302_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sao_Paulo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\error_window.html 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libtcp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado28.tlb 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\WWLIB.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Payment Type.accft 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-PT.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRdIF.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19986_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281630.WMF 3697516955.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00231_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_06.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215710.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\DVDMaker.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_italic.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libchorus_flanger_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099147.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libscreen_plugin.dll 3697516955.exe File opened for modification C:\Program Files\EnableResolve.mp4v 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatializer_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151063.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00483_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10255_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01797_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21548_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2B.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_filter\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\REFINED.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200383.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01239K.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN090.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPUNCT.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20131217-1203.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Atlantic\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\plugin.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PRTF9.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\access-bridge-64.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Civic.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarViewButtonImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\MANUAL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02793_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\settings.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\BOLDSTRI.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02386_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00693_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GR8GALRY.GRA 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\LATIN1.SHP 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png 3697516955.exe File created C:\Program Files (x86)\Common Files\DESIGNER\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AIR98.POC 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OTKLOADR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_HighMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\th.pak 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHTMED.EXE 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwingdi_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02009_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15060_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\omni.ja 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\MOFL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNoteNames.gpd 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\rockbox_fm_presets.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105412.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BloodPressureTracker.xltx 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BOAT.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02617_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME08.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUDIOSEARCHLTS.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\.lastModified 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\UmOutlookStrings.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SELFCERT.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20140422-1847.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\msoeres.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+7 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chicago 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR10F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIB.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299125.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EAWFINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtau 3697516955.exe File created C:\Program Files\Windows Media Player\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.WW\Read_Me.txt 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sa.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.htm 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIconMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0315612.JPG 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\ieinstal.exe 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\JSProfilerCore.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Tucuman 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Denver 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107496.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ViewHeaderPreview.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN058.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyReport.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\iexplore.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSO0127.ACL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00006_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jabswitch.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00038_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152688.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02265_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Casual.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_SelectionSubpicture.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Google\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-applemenu.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management-agent.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-spi-actions.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186360.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.Server.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\npt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util-lookup.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.CMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03012U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21343_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBHED98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-spi-quicksearch.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tunis 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libshm_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\wxpr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24Images.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Setup.exe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_CN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00103_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ml\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssve.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01163_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00396_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Horizon.thmx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwruklm.dat 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libmmdevice_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\WORDICON.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105266.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Elemental.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Beige.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BUTTON.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-BR.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\APPTS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\SynchronizationEula.rtf 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\da\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcolorthres_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00296_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00305_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18194_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Customer Support.fdt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00333_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Verve.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BillingStatement.xltx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\.eclipseproduct 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02116_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15173_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplate.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo.bat 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\javaw.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Chagos 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtospdif_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00011_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01179_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsDoNotTrust.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21318_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN002.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\WORDIRMV.XML 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpconfig.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01238_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR41F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46B.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thunder_Bay 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107490.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0296279.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_italic.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWER.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\pack200.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Maputo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libhqdn3d_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04134_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSProxy32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_HK.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\logger\libconsole_logger_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01793_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NBOOK_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\VelvetRose.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\iedvtool.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01046J.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Magadan 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\InkObj.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00005_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099189.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\WSSFilesToolHomePageBackground.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdasql.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d9_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7es.kic 3697516955.exe File created C:\Program Files (x86)\Windows Mail\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdaosp.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Couture.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Trek.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EntityPickerIntl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierUpArrow.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\SettingsInternal.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00668_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts2.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OutDomain.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Category.accft 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tripoli 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHSRN.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts2.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libheadphone_channel_mixer_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\BTOPENWORLD.COM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN081.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Rothera 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwLatin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200611.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\az.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jfr.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\librss_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02736U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrow.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1CACH.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR15F.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_222222_256x240.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0195384.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RSSITEM.CFG 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-annotations-common.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack200.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.ths 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00853_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\WARN.WAV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIconMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chuuk 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadds.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199303.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Angles.eftx 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.jpg 3697516955.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\si\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00586_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185834.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382938.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341439.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00175_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Flow.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\WordpadFilter.dll 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ja.pak 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\02_frenchtv.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqloledb.rll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Porto_Velho 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mai\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03470_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09662_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00076_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageScript.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCAL.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_content-background.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02742U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149407.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSLaunch.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Wordcnvr.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099195.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_bullets.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IPIRMV.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB1A.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Majuro 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01358_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18229_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSAIN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Verve.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387578.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Cocos 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01183_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215709.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCDDSLM.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBARBLL.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\OrielFax.Dotx 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178639.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZCARD.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Palau 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281632.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javaws.jar 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Document Themes 14\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4ADT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00437_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152622.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0321179.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME14.CSS 3697516955.exe File created C:\Program Files\Windows Media Player\Media Renderer\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Australia\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\th\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpEvMsg.dll 3697516955.exe File created C:\Program Files\WindowsPowerShell\Configuration\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.DLL 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187859.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPORT.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSTORDB.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench_3.106.1.v20140827-1737.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jsse.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UDT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00795_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00516L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0186348.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME28.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CNFNOT.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OFFLINE.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\INTLDATE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Graph.exe.manifest 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-queries.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-coredump.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACETXT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309705.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUPLD.INTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SEQCHK10.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrlatinlm.dat 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_bridge_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe.config 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00234_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0089992.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Essential.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15059_.GIF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipBand.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLLEX.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ta.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00391_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0215086.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_VelvetRose.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZTOOL.ACCDE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\br\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_COL.HXC 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WITHCOMP.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Dublin 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx265_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0171685.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBrowserUpgrade.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunec.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24ImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqloledb.rll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5EDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\access\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309598.JPG 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImageMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\profilerinterface.dll 3697516955.exe File opened for modification C:\Program Files\RestartFind.MOD 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libremoteosd_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\IEShims.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-applemenu.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server-15.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Horizon.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OWSHLP10.CHM 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_zh_CN.jar 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.XML 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19563_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01139_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107724.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\mc.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\profile.jfc 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpuzzle_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0158477.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Client.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\YEAR.XSL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\PYCC.pf 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\OPTINPS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106572.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Data1.cab 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174635.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR23F.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PROOF\3082\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Noumea 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATALOG.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\chrome.VisualElementsManifest.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183198.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14794_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT 3697516955.exe File created C:\Program Files\Windows NT\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00157_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MP00646_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Median.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Form.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\86.0.4240.111\86.0.4240.111_chrome_installer.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Urumqi 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188519.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21298_.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libinflate_plugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00439_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02263_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-cn.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODTXT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Hardcover.thmx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Resolute 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPOlive.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Havana 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240291.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10266_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\Management.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsVersion1Warning.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxmedia.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudiobargraph_a_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MSASCui.exe 3697516955.exe File opened for modification C:\Program Files\Windows NT\Accessories\WordpadFilter.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7ES.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0156537.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00704_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Premium.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Premium.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_asf_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212685.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\WindowsAccessBridge-64.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAProject.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Metlakatla 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR25F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.el_2.2.0.v201303151357.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\blacklist 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6CDT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0295241.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0228959.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21316_.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297229.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_underline.gif 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SOCIALCONNECTOR.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Empty.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21422_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\MSOERES.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\bg.pak 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04332_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387895.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Horizon.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME39.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ORIG98.POC 3697516955.exe File opened for modification C:\Program Files\7-Zip\7z.exe 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\it.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-text.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ga\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PROPLUS\ProPlusWW.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105306.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0164153.JPG 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\eo.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Settings.zip 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_LightSpirit.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\updater.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN082.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain.wmv 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\RICEPAPR.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187847.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Perspective.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234657.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ERROR.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Ojinaga 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01157_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.xml 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\installer.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado26.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400003.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALENDAR.DPV 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayman 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zurich 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00459_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02048_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18221_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SUBMIT.JS 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBTRAP.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Start End Dates.accft 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.TW.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.identity_3.4.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FBIBLIO.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152694.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLVBS.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Melbourne 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-12 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_description_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00737_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ta.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_es.jar 3697516955.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcfr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105414.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18254_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21398_.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\cs.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLINTL32.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Perth 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File created C:\Program Files (x86)\Google\Temp\GUMBFA6.tmp\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TipsImageMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javah.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-templates.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00167_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PULQOT98.POC 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\el.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansDemiBold.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Lisbon 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14582_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099153.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME04.CSS 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-utilities.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\cursors.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Araguaina 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222019.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21519_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcfr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115840.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mazatlan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-startup.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14756_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_socket.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-tabcontrol.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143753.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\LINES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\LICENSE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02227_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14981_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Skins\Revert.wmz 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01575_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessData.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ja_JP.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Asuncion 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157191.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSUPLD.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Network Sharing\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\af.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\JavaAccessBridge-64.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\UnformattedNumeric.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.security 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jsound.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18205_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALENDAR.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libtransform_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099148.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292272.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00798_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft.NET\RedistList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105530.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-windows.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Fortaleza 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-doclet.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cuiaba 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01866_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\el\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.CGM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00010_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02282_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02313_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157831.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmlaunch.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL012.XML 3697516955.exe File opened for modification C:\Program Files\Windows Mail\en-US\msoeres.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\main.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01173_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10299_.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libparam_eq_plugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Seyes.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0214934.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216112.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309902.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLADD.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Adobe.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SettingsInternal.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPMediaSharing.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0305257.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7MDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help_3.6.0.v20130326-1254.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187647.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\GIGGLE.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\RADIO.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Martinique 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18184_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Whitehorse 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\lua\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jli.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\logging.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\java.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152702.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153089.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\TITLE.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12Resources.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FiveRules.potx 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montreal 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\liberase_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\DEEPBLUE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding_1.6.200.v20140528-1422.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14579_.GIF 3697516955.exe File created C:\Program Files (x86)\Windows NT\Accessories\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186364.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_off.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_bullets.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7FR.dub 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-2 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penjpn.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14870_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdaps.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tegucigalpa 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kabul 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099201.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03257_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Library\SOLVER\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03143I.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_ja.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\d3dcompiler_47.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152716.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03380I.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMARQ.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.concurrent_1.1.0.v20130327-1442.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00200_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00694_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Eucla 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jaas_nt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Moscow 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\EXP_PDF.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105588.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382952.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02263_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\libEGL.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02054_.WMF 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\settings.ini 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00037_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00546_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME33.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\HICCUP.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ar\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\id\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Midway 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01461_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\VeriSignLogo.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\NOTEBOOK.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-output2.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240389.profile.gz 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-synch-l1-2-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN111.XML 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0300840.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15061_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL111.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ashgabat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-5 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\d3d11\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_concat_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateComRegisterShell64.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099160.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0172193.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceYi.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Contacts.accdt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libnormvol_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libclone_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099179.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105234.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02424_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multiview.jar 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\3082\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21313_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-api.xml 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14831_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLNOTER.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\java-rmi.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLFLTR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7EN.DLL 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.events_3.0.0.draft20060413_v201105210656.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14792_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsImageTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSODCW.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\whitemenu.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mauritius 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02754U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImagesMask256Colors.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_rtl.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL078.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\3082\MSGR3ES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_winxp.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tashkent 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REC.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mip.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099166.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.HXS 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml 3697516955.exe File created C:\Program Files (x86)\Windows NT\TableTextService\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_autodel_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libvisual_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18219_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_fr.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penusa.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\adcjavas.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\ACT3R.SAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\custom.lua 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Invite or Link.one 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02749G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEMANAGED.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Elegant.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UTC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\hy.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.descriptorProvider.exsd 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnoseek_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\AFTRNOON.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD07804_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\ReadOutLoud.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_F_COL.HXK 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Windows Photo Viewer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\cy.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090779.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL086.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART6.BDR 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sawindbg.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\kinit.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODEXL.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01184_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7ge.kic 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00116_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02062U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OL.SAM 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.JS 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libty_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143748.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Flow.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.properties 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\jsdebuggeride.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sitka 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\La_Rioja 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Christmas 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpSvc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00428_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WZCNFLCT.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Microsoft.Ink.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OSETUPUI.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.LTS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01265U.BMP 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSAutogen.dll 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\resources\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105338.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macGrey.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00222_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00426_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099156.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103402.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01636_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107544.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\Common.fxh 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\README.TXT 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152892.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02214_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_TexturedBlue.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Reykjavik 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\NPSWF32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309904.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21448_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImage.jpg 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dumpmeta.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_04.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7MODELS0009.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Danmarkshavn 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00231_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\List.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Algiers 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\iedvtool.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ahclient.dll 3697516955.exe File created C:\Program Files (x86)\Google\Policies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01268_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIcon.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\text_renderer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\VSTARemotingServer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\adojavas.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115844.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\icudtl.dat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Enderbury 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Metro.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14693_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\ffjcext.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01745_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingEngine.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00452_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcfr.dll.mui 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7Handle.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4ADT 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18199_.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\en-GB.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\DataSet.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTITS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Xusage.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\ARCTIC.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00734_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WHIRL2.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Teal.css 3697516955.exe File opened for modification C:\Program Files\7-Zip\History.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Easter 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099184.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143749.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL083.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Palmer 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CET 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\Journal.exe.mui 3697516955.exe File opened for modification C:\Program Files\Windows Mail\en-US\WinMail.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19582_.GIF 3697516955.exe File created C:\Program Files\Java\jre7\lib\fonts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACEINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sv.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Maroon.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WWINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluHandle.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\Documentation.url 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libvod_rtsp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Flyout_Thumbnail_Shadow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icudt36.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099203.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OCLTINT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CSS7DATA000C.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\TECHTOOL.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21294_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Amman 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0280468.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01361_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\ANALYS32.XLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.InfoPath.Client.Internal.CLRHost.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\directshowtap.ax 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Samara 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Mso Example Intl Setup File A.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_08.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02082_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR27F.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_AutoMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185842.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_over.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Macau 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\splash.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dts_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00204_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198377.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00194_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATWIZ11.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pohnpei 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Manaus 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Versions\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\glib-lite.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine_64.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Aspect.xml 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ms\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR12F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jcmd.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DAO\dao360.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099193.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Discussion14.gta 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Tabs.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Nairobi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21344_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_COL.HXT 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png 3697516955.exe File created C:\Program Files\Mozilla Firefox\defaults\pref\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME46.CSS 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\DiagnosticsTap.dll.mui 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\Timeline.cpu.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\currency.data 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\java_crw_demo.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Luxembourg 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoBase.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AD98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sk.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-dialogs.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WING2.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBOXES.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nassau 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.smil_1.0.0.v200806040011.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\fieldswitch.ax 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AD.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\resources\1033\Synchronization.rll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\SOLVER\SOLVER32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03795_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCDDSF.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EXSEC32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpClient.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vilnius 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-hang-ui.exe 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00265_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185780.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281640.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Earthy.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MENU.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107744.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTAREA.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabmig.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Choibalsan 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099149.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185776.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\GRIP.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.InfoPath.FormControl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\setup_wm.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00394_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SAMPLES\SOLVSAMP.XLS 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00612_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107452.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR39F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSOSEC.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Resource.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SAVE.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00440_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_03.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART8.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePage.html 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MUOPTIN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107262.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jayapura 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-visual.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\management\snmp.acl.template 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382968.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.actionProvider.exsd 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\trusted.libraries 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\brx\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libstl_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\THMBNAIL.PNG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.ID.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSIDEBRV.XML 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\nl.pak 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382925.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15170_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OUTEX.ECF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\be.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15018_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SegoeChess.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0157995.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Hermosillo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01060_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02115_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplateRTL.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Araguaina 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Hermosillo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240157.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh89 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guatemala 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Macau 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00343_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187837.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR42F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OOFS.ICO 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sq.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\launcher.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105230.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ca.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\US_export_policy.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Essential.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AWARDHM.POC 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\Triedit\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Enderbury 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00045_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151581.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Country.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSClientManifest.man 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBOX.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialResume.dotx 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffffff_256x240.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\APIFile_8.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03339_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00350_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01839_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Iqaluit 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Oriel.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Essential.thmx 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00932_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RSSITEMS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\javaws.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.fr\Proof.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00648_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00241_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\lv.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107488.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ct.sym 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086432.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03241_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB3B.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PROG98.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Malta 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00525_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152876.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187817.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Costa_Rica 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01545_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\CLIPART\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkWatson.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216153.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Austin.thmx 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\setup_wm.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RESENDL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GFX.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrowMask.bmp 3697516955.exe File opened for modification C:\Program Files\7-Zip\7-zip.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsfin.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\release 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\HST10 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libball_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOffMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+11 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\reflow.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.TTS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00911_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\Synchronization.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Lagos 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00161_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200273.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Technic.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECURE.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SENDTO.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\jamendo.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099171.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196110.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14983_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessData.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-heapwalker.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dubai 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00513_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090149.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02055_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ASCIIENG.LNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\ISO690Nmerical.XSL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sampler.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21527_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ulaanbaatar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\WTSP61MS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SHARING.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_pressed.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUNGLE.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkHandle.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\tools.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EET 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wallis 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Metlakatla 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\SKY.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107188.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384888.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00934_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Aspect.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_VelvetRose.gif 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\net.properties 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301076.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGN.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Oslo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\RADIAL.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105526.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Civic.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\mlib_image.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01734_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoAcq.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD06102_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00790_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107426.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Krasnoyarsk 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\JOURNAL.INF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui_4.0.100.v20140401-0608.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fakaofo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107516.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18245_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR20F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBORDER.DPV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist_jstree.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REMOTES.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\cs.pak 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chihuahua 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Damascus 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEERR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14755_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\DADSHIRT.HTM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench_1.1.0.v20140512-1820.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadox.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Perspective.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18206_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18251_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AD.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ENVELOPE.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOUTL.OLB 3697516955.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft.Office.InfoPath.targets 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\rtscom.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0217262.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18244_.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sk.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tripoli 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Windhoek 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_gu.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341551.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00476_.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107734.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\PASSWORD.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.swf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0149018.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nipigon 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+3 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Istanbul 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONELEV.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_hu.jar 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\networkinspection.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20140512-1650.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Bermuda 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Minsk 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\removed-files 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\bod_r.TTF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105232.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239941.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090027.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185790.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\PAB.SAM 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libhttp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_TW.properties 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01639_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187839.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00255_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCESS12.ACC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RECS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-nodes.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLINACC.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fr.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MUAUTH.CAB 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN102.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MARQUEE.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Los_Angeles 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR22F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR30F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER11.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENVHM.POC 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoDev.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Gambier 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105336.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107282.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Equity.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\http.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tl.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\AFTRNOON.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Issues.accdt 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsvorepository_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Oarpmany.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHLEX.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOff.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dubai 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\content-types.properties 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\libvlc.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_a52_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02094_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00095_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Karachi 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Rio_Gallegos 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface_3.10.1.v20140813-1009.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIBUtils.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106208.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01330_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange.css 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado21.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBHD.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL022.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\EDGE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ie9props.propdesc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00669_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107512.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSCOL11.PPD 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04195_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086426.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187849.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FSTOCK.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Andorra 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\WATERMAR.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14532_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21435_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsFormTemplate.html 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedbck2.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Miquelon 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\liveleak.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00247_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21370_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\OmdBase.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montevideo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01176_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0336075.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2F.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_100_percent.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\setup_wm.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107302.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-actions.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhds_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SHOW_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14754_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME38.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.BusinessData.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Monrovia 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBrowserUpgrade.html 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplateRTL.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Belgrade 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\networkinspection.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\zipfs.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_am.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01566_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18212_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfontj2d.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00965_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDRESN.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\WHOOSH.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGDOTS.DPV 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libcaca_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234266.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7FR.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\WindowsAccessBridge-64.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\requests\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\micaut.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.rll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME27.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscsy.xml 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\eula.rtf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\README.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\create_stream.html 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmad_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00145_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01196_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BUSINESS.ONE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\mr.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticattribute.exsd 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libskiptags_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid.gif 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libgoom_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309567.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jar.exe 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\SetupMetrics\20201028183641.pma 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hovd 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\platform.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21299_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLED.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0235241.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\tr.pak 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_pwa_launcher.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_pitch_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\gui\libskins2_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19695_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287408.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02746G.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_disable.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10358_.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtextst_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\THANKS.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.Office.Tools.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099205.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\mng.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232171.WMF 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02116_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143754.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15184_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CHECKER.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\rmiregistry.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00126_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Trek.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR38F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REMOTE.CFG 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212701.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jfxrt.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0332364.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.JS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\RTF_BOLD.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CET 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Luxembourg 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143752.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALSO11.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpenc.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_cs.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Groove.en-us\GrooveMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099150.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15277_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CharSetTable.chr 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPMediaSharing.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sv.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02356_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIcons.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\npvlc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185806.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18255_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLLIBR.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESNL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Wordcnv.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Gibraltar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_pt_BR.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvc1_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_120.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\helpmap.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CRANINST.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR14F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAIL.DPV 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado25.tlb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jakarta 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01751_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18236_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14793_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\index.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDCNCLS.ICO 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ckb\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuching 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SC_Reader.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02024_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Publisher.en-us\PublisherMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00720_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02067_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp_3.6.300.v20140407-1855.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsepia_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02092_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZDAT12.ACCDU 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jconsole.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\iedvtool.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CHIMES.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Saipan 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\connectionmanager_dmr.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_win7.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\WSS\107.accdt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215076.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageScript.js 3697516955.exe File created C:\Program Files\Java\jre7\lib\security\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\sRGB.pf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200183.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ContemporaryPhotoAlbum.potx 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WNTER_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_underline.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287641.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\classlist 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR39F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Cordoba 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01747_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_VelvetRose.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02417U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18238_.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\de\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187815.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEREP.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolui100.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222021.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME35.CSS 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sw.pak 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msador15.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-execution.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Caracas 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.Adapter.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\va.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseout.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Filters\odffilt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdatt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00998_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LINEACT.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\hprof-16.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Apia 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mshwLatin.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Grid.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImagesMask.bmp 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mazatlan 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageSlice.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301432.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02390_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png 3697516955.exe File created C:\Program Files\Windows NT\TableTextService\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-javahelp.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Beirut 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Apex.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Opulent.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.servlet_1.1.500.v20140318-1755.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Darwin 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcrystalhd_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02187_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME34.CSS 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macHandle.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgaussianblur_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADVZIP.DIC 3697516955.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jni.h 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MAPISHELLR.DLL 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateHelper.msi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107308.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00389_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01149_.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CHECKBOX.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libgain_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02093_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Person.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VPREVIEW.EXE 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\fa.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBLR6.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00792_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MENU.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Mail\WinMail.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00397_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01657_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGTOC.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Users.accdt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdca_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\deploy.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wake 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\msvcp140.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawaud_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0175361.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\klist.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hong_Kong 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Amsterdam 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dummy.luac 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingEngine.dll 3697516955.exe File created C:\Program Files (x86)\Google\Update\1.3.35.452\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09194_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239973.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\StarterApplicationDescriptors.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-awt.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightRegular.ttf 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199429.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00768_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199036.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14691_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cancun 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-options-api.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mip.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tunis 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-8 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107722.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21330_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_extended.xml 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\vi.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tahiti 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxwebkit.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rankin_Inlet 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Omsk 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_fdf5ce_1x400.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\nl.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21337_.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libwall_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\El_Salvador 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\InkObj.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04385_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Austin.xml 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado26.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPLTMPL.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV.HXS 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdirectory_demux_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAIL11.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javaws.policy 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\new-trigger-wiz.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\dt_socket.dll 3697516955.exe File created C:\Program Files (x86)\Windows Portable Devices\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01138_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Austin.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50F.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft SQL Server Compact Edition\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jpeg.dll 3697516955.exe File opened for modification C:\Program Files\RestoreRevoke.kix 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200377.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00687_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00640_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7FR.DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14790_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MAPIPH.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\sidebar.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libh26x_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18191_.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\es\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Hardcover.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_REVIEW.XSN 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\id.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115864.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00923_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341557.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\DLGSETP.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Juneau 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00728_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ADD.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qyzylorda 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.policy 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00105_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10308_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\TYPE.WAV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\eqnedt32.exe.manifest 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01172_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Groove Starter Template.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_GreenTea.gif 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveResume.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AssemblyInfoInternal.zip 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLN.PPT 3697516955.exe File opened for modification C:\Program Files\7-Zip\Uninstall.exe 3697516955.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195248.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239935.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02270_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\BHOINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCINFO.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Davis 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zaporozhye 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8PDT 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174315.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Puerto_Rico 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kolkata 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182689.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\EmptyDatabase.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.logging_1.1.1.v201101211721.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup-impl.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01491_.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\codec\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0282126.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00417_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\NBDoc.DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00685_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00555_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02756U.BMP 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multitabs.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\1033\OFFICE10.MML 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es-419.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0229389.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLow.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-progress-ui.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ne\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pa\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Accessibility.api 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\sqmapi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14528_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDREST.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\extensibility.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00367_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Tasks.accdt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.service.exsd 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00078_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.xsl 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PROOF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Magadan 3697516955.exe File created C:\Program Files\Windows Journal\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00479_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\splash.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\St_Johns 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_is.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\OUTDR_01.MID 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL044.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPTICO.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fi.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\jnwppr.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-2 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port-au-Prince 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\WET 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_realrtsp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185828.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21326_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Process Library.fdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-explorer.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia_Banderas 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kabul 3697516955.exe File created C:\Program Files (x86)\Internet Explorer\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_iw.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01293_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01750_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialReport.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TAIL.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiling.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libmarq_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00705_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293240.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Groove.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Slipstream.thmx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME37.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyResume.dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tahiti 3697516955.exe File opened for modification C:\Program Files\Windows NT\Accessories\en-US\wordpad.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\3082\MSO.ACL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\SecretST.TTF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_email.gif 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01151_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImage.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qyzylorda 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02071U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OneNoteSyncPCIntl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6EXT.OLB 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Stanley 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_out\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00006_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00116_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153508.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18216_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\topnav.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01785_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3F.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Jujuy 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105380.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00183_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OUTEX2.ECF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-io.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\or\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mp4_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1XTOR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02384_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPCORE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieNewsletter.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\TimeCard.xltx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOCFU.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Pushpin.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECREC.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\InformationIcon.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00330_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson_Creek 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01179J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01931J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\BodyPaneBackground.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN044.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUDGESCH.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vienna 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fil.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\libxslt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04191_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00608_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABEL98.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgrain_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\+Connect to New Data Source.odc 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1665.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jsse.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239079.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\gu.pak 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\zh-TW.pak 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liboggspots_plugin.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Mail\msoe.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287644.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME22.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14654_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLNOTE.FAE 3697516955.exe File opened for modification C:\Program Files\7-Zip\readme.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02958_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01840_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsVersion1Warning.htm 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\javafx.properties 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ro.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\ehshellLogo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR40F.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ne.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01191_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02453_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Paper.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00135_.GIF 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\ieproxy.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02269_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseout.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Adjacency.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21518_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\server\jvm.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libvpx_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmicrodns_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ENVELOPR.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\mpvis.dll.mui 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\HWRCustomization\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCARD11.POC 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\IPML.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\RTF_BOLD.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.InfoPath.xml 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Adjacency.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\HEADER.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lt\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152898.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME25.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR26F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR29F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\PACBELL.NET.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-impl.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boise 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\eula.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Andorra 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnssci.dll.mui 3697516955.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\DELIMDOS.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-attach.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledbvbs.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200521.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02282_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01560_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FORM.ICO 3697516955.exe File created C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106146.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCARD.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\setup_wm.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\w2k_lsa_auth.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21301_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\jvm.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Detroit 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-ui.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00077_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309920.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscht.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\flavormap.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18181_.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfont.properties.ja 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Rome 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx264_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME53.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNote.ini 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\RECALL.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Broken_Hill 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kiritimati 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CUPINST.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21423_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15035_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\ktab.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-uisupport.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLV.DOC 3697516955.exe File opened for modification C:\Program Files\7-Zip\7zG.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\ColleagueImport.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-lib-uihandler.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Orange Circles.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107358.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Couture.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OMSMAIN.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-text.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proofing.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlcecompact35.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app_1.0.300.v20140228-1829.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_TexturedBlue.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BRCHUR11.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGNHM.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\RE00006_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\mozglue.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105384.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14883_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLSLICER.DLL 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pyongyang 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Indianapolis 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac 3697516955.exe File created C:\Program Files\Windows Journal\Templates\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UCT 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\InfoPath.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18242_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\FAXEXT.ECF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\awt.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00623_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21332_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OEMPRINT.CAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\IETAG.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00390_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00726_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21303_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\toc.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.RSD 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0294989.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01240_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\schemagen.exe 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24ImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\apt.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaremr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105292.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03466_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VBAOWS10.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHD11.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Istanbul 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsmb_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01006_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKACCL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableDownArrow.jpg 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\hi.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_udp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00122_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SUBMIT.JS 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-j2se-1.0.2.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-output2.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152590.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-services.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcs.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105294.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182902.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182946.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\TALK21.COM.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\alt-rt.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01658_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188511.WMF 3697516955.exe File created C:\Program Files\Common Files\System\msadc\en-US\Read_Me.txt 3697516955.exe File created C:\Program Files\WindowsPowerShell\Configuration\Registration\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Internet Explorer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02748G.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Median.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\GB.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnPPT.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145373.JPG 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\elevation_service.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\InkDiv.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0150861.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00168_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME49.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMaskSmall.bmp 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ir.idl 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Google\CrashReports\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02407_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\COUPLER.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\SalesReport.xltx 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Memo.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384900.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL097.XML 3697516955.exe File opened for modification C:\Program Files\7-Zip\7zFM.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18243_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceca35.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libudp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.ES.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01242_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\PUSH.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-options.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Apothecary.eftx 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.json 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\LightSpirit.css 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187895.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215718.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-heapdump.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-threaddump.xml 3697516955.exe File created C:\Program Files\Mozilla Firefox\defaults\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099159.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382970.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LETTHEAD.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1CORE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152698.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePageBlank.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\SessionOwner.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanMergeLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thunder_Bay 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javac.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ho_Chi_Minh 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jli.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Costa_Rica 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Athens 3697516955.exe File created C:\Program Files\Common Files\System\ado\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-1.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libttml_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACEDAO.DLL 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pl.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-iio.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Krasnoyarsk 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0300912.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Northwind.accdt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Paris 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvnc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00268_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.XML 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cambridge_Bay 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00448_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPTIRMV.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\GRAY.pf 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\rt.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_BR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19827_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02755U.BMP 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png 3697516955.exe File created C:\Program Files\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\accessibility.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yekaterinburg 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\tesselate.x3d 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATWIZ.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBARV.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaprst.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.log 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\WMPDMCCore.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\settings.css 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.policy 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099181.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.HLP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03459_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHigh.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00248_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\dialogs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\softokn3.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d11_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00174_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Newsprint.eftx 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\notification_helper.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SplashScreen.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\eula.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port-au-Prince 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ja.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00172_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115842.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\lv.pak 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpCommu.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\MSMAPI\1033\MSMAPI32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MIMEDIR.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe 3697516955.exe File opened for modification C:\Program Files\Windows NT\Accessories\wordpad.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\SONORA.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGZIP.DPV 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-util.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME55.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\help.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\Office64MUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215070.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02134_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zurich 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02287_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21296_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\OneNote\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jakarta 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRINTL32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR00.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSLIST.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUDGESCH.HTM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSSOAP30.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SlateBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\libGLESv2.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Winnipeg 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrw.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02097_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03011U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152882.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Paramaribo 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\am.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ta\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238983.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0250504.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\Filters.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216612.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293828.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\booklist.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mac.css 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\qipcap64.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_output\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcanvas_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_QuickLaunch.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Half.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYBB.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD06200_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Funafuti 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ADO210.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\SmartTagInstall.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0090386.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18187_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\local_policy.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx26410b_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02166_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00049_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Apex.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15136_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSVCR71.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00034_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03464_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02252_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GRAPH.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198372.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287417.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03453_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerConstraints.exsd 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\attention.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\form_edit.js 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7ES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\PersonalMonthlyBudget.xltx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105282.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\ieinstal.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.attributeTransformation.exsd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\SLATE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00455_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_10.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18234_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.JP.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.bat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.rcp_4.3.100.v20141007-2301.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOCFUIUTILITIESDLL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10301_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\StarterNotificationDescriptors.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\libarchive_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HTECH_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0337280.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\he\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadce.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKDECL.ICO 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\en-US.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195254.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212299.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CST6CDT 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198021.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Median.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUDIOSEARCHSAPIFE.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guatemala 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7cm_fr.dub 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL058.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baghdad 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tallinn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00269_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02291U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_ON.GIF 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Technic.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0240695.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RESENDS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tet\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01572_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLPH.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-oql.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Uzhgorod 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216588.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Generic.gif 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387882.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Casual.gif 3697516955.exe File created C:\Program Files (x86)\Windows Photo Viewer\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 3697516955.exe File opened for modification C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\ENUtxt.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00171_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Louisville 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Grid.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Earthy.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\AddIns.store 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EAST_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01627_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01590_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONTAB32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Center 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099151.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01568_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ContactPickerIntl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME15.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Adobe.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javafxpackager.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115867.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL002.XML 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\da.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386267.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsTap.dll 3697516955.exe File opened for modification C:\Program Files\SplitExport.avi 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145707.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00433_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05869_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Premium.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7cm_en.dub 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21310_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\SNEEZE.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yekaterinburg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382960.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18227_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt_0.12.1.v20140903-1023.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Groove.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BROCHURE.XML 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\THOCR.PSP 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-actions.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\toc.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_filter\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Msgbox.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPTSFrame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\LEVEL.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02106_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST5EDT 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Galapagos 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLRPC.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fiji 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUISet.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309480.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10302_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Public_Primary_CA.cer 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yakutsk 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pencht.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00388_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYERHM.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PICCAP98.POC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libnfs_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\DefaultBlackAndWhite.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeUpdater.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\StatusOnline.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+4 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Moncton 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0211949.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IPDESIGN.DLL 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\hr.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACERECR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01470_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21433_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanReport.Dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099175.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382944.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00166_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALSO98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Tell_City 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.exe 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Journal.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0324694.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Metro.eftx 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Stationery\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jawt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\en-US\TableTextService.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7TSFrame.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+12 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10264_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\policytool.exe 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02743G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Moscow 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01174_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Concourse.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXSLE.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-settings.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\splashscreen.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02201_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\SIST02.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\US_export_policy.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01216_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00438_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107132.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01661_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21305_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnOL.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pl.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-execution.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-common.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\HEADER.GIF 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmlaunch.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106222.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297757.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Atikokan 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7MDT 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msxactps.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\86.0.4240.111_chrome_installer.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198226.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297551.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-core.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_CN.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Marquesas 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\00_musicbrainz.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02829J.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\pack200.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Stock Quotes.iqy 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPNSSUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART15.BDR 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21333_.GIF 3697516955.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153313.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02749U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\high-contrast.css 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382962.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21334_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yellowknife 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15072_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21495_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107300.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00837_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME52.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\ssv.dll 3697516955.exe File created C:\Program Files\Internet Explorer\SIGNUP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\artifacts.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-api.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101980.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\excel.exe.manifest 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL089.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLJRNLR.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jli.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Monterrey 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME20.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XmlFile.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jconsole.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\zip.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\IPDSINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Xlate_Complete.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ENGLISH.LNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\LightSpirit.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWCUTLIN.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01039_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10300_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\mux\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Adak 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\pl.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\te\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libwave_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Defender\en-US\MsMpRes.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceArray.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143746.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-progress-ui.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\GMT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15276_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\RADAR.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Abidjan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-options.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FALL_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239967.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActionExceptionHandlers.exsd 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\ExitPing.vstx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Checkers.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090087.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\mk.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\DESIGNER\MSADDNDR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152608.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02293_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL077.XML 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.console_1.1.0.v20140131-1639.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL075.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_48.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299763.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_zh_CN.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tarawa 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\BLENDS.INF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\handler.reg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00208_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IEContentService.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSRTEDIT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216874.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-charts.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_increaseindent.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pontianak 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msaddsr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME51.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\PersonalContact.ico 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Elemental.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.Infopath.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dushanbe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Updater6\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196060.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Thatch.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Tasks.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Casey 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART12.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\MDIParent.zip 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-10 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285822.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_partstyle.css 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\libGLESv2.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libimem_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105600.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115839.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\WANS.NET.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\button.gif 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\rt3d.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00435_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107728.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Custom.propdesc 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\JAWTAccessBridge-64.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_10_p010_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00186_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02369_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Urumqi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00019_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107138.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\LOCALDV.DLL 3697516955.exe File created C:\Program Files\DVD Maker\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107502.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\BG_ADOBE.GIF 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.es\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+11 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pe.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLN.XLS 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libamem_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLAPPTR.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_shmem.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rightnav.gif 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnetwk.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105240.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105280.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01239_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageSlice.gif 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\vcruntime140.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdate.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSGR3ES.LEX 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSCOPY.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lord_Howe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199609.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7ES.dub 3697516955.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-ui.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Uzhgorod 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC.HXS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bishkek 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Niue 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsusf_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoViewer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.MMW 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\meta-index 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Sofia 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\AXIS.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382969.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400001.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanResume.Dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MOR6INT.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5EDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-tabcontrol.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegaudio_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101867.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTBOX.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_off.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN089.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\NBMapTIP.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Shades of Blue.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\ECHO.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04326_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01058_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB11.BDR 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-previous-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RSPMECH.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00242_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_OliveGreen.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME-JAVAFX.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\F12Tools.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00683_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WING1.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107514.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18225_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAILMOD.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IPIRM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00610_.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_K_COL.HXK 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dili 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup.xml 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Waveform.thmx 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\youtube.crx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Resolute 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libadaptive_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099178.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00532_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONTACT.CFG 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ja.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_18_b81900_40x40.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\eBook.api 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thule 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_splitter\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFPrevHndlr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00364_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01299_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxmedia.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-api.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238927.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SAFRI_01.MID 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ko.properties 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\az\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\PROOF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382955.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01748_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPDMCCore.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\lt.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105490.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.DPV 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblendbench_plugin.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\License.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libstereo_widen_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\MCABOUT.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll 3697516955.exe File created C:\Program Files\Common Files\System\ado\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaps.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0211981.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FORM.JS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\2 Right.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME41.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multitabs.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15056_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGREPFRM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\SEAMARBL.HTM 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.bat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Simferopol 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-9 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Currency Rates.iqy 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Beulah 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\omni.ja 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECURS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-oql.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.lock 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BLANK.ONE 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153265.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\+NewSQLServerConnection.odc 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\VGX\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00578_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02039U.BMP 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861261279.profile.gz 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsfsstorage_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libglwin32_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090777.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00395_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.TH.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\HEADINGBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME36.CSS 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099191.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0177806.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGHEADING.XML 3697516955.exe File created C:\Program Files (x86)\Read_Me.txt 3697516955.exe File created C:\Program Files\Mozilla Firefox\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh.htm 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-api-caching.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\HST 3697516955.exe File created C:\Program Files\Windows Defender\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\promointl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101859.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00152_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00910_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02075_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IT.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN108.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB5A.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\uninstall.log 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15301_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_COL.HXC 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\1033\EEINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\WT61ES.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14516_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBlankPage.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\msvcr100.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDXFile_8.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00373_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ContactSelector.ico 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\COPYING.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-queries.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\en-US\msader15.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01146_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1036\MSGR3FR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7ES.LEX 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadco.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\minidump-analyzer.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME29.CSS 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00076_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285782.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv 3697516955.exe File created C:\Program Files\Windows NT\Accessories\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPSideShowGadget.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01852_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Document.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FORM98.POC 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\rjmx.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENES\MSB1ENES.ITS 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\dt.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\System\ado\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00110_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\ISO690.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianMergeFax.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107364.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200163.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL109.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-favorites.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Words.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Real.mpp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185818.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00917_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.DPV 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\InfoPath.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Groove.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ef8c08_256x240.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02886_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GIFT.DPV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153514.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_LightSpirit.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialMergeLetter.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Managua 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\msinfo32.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341654.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterBold.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145879.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Grid.eftx 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MsMpCom.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\asl-v20.txt 3697516955.exe File opened for modification C:\Program Files\MoveEnter.svg 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099190.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143758.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Installed_resources14.xss 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Marquesas 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWCUTCHR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AboutBox.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7ES.LEX 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\servertool.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tegucigalpa 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Apothecary.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Slipstream.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_OFF.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149481.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Palmer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\mr.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\RIPPLE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR21F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSPST32.DLL 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh88 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01154_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL103.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\jsdbgui.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\validation.js 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_browse.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24Images.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yerevan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Budapest 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2launcher.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152878.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Volgograd 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libmosaic_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00957_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msaddsr.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Track Issues.fdt 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\resources\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\QP.DPV 3697516955.exe File opened for modification C:\Program Files\7-Zip\7-zip.chm 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sendopts.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Shanghai 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD10972_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Adjacency.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIconMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\BOMB.WAV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN086.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Amman 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mexico_City 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santiago 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DissolveNoise.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01296_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21505_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME17.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090089.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\java.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Chisinau 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tallinn 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21413_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME54.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-outline.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN011.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DigitalInk.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-cli.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\logging.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Godthab 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ar.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239997.WMF 3697516955.exe File created C:\Program Files\Common Files\System\Ole DB\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieMergeLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayenne 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05870_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png 3697516955.exe File created C:\Program Files\Java\jre7\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\chrome_proxy.exe 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02288_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REMOTEL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBRPH2.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00438_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107154.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DISTLSTL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\oisctrl.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ml.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssv.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thule 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ca.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00074_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01253_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_High.jpg 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-charts.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dhaka 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Maldives 3697516955.exe File opened for modification C:\Program Files\Java\jre7\README.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libprefetch_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Publisher.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Groove.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0148798.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libnetsync_plugin.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0233512.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00809_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115834.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\SHOVEL.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginLetter.Dotx 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\simplexml.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0090070.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Newsprint.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\npdeployJava1.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novosibirsk 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00165_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14677_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\license.html 3697516955.exe File created C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313896.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285698.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPreviewTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Scoresbysund 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-11 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-conio-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mousedown.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02439_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00444_.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Defender\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153516.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02074_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Aspect.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Mawson 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santa_Isabel 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198025.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\THIRDPARTYLICENSEREADME.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.dtd 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_01.MID 3697516955.exe File created C:\Program Files (x86)\Windows NT\TableTextService\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tbilisi 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Algiers 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00918_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\trusted.libraries 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Marengo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CNFNOT32.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-windows.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Creston 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_output\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfreeze_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSLISTI.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_over.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-io-ui.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\msaccess.exe.manifest 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jvm.lib 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\deploy.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-modules-appui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-tools.xml 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_2.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297707.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\utilityfunctions.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\FUNCRES.XLAM 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nipigon 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02446_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143750.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qatar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OFFXML.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN110.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Status.accft 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105710.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09031_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\1 Top.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAProjectUI.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boise 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Vancouver 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CMNTY_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_hyperlink.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwasapi_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186346.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02074U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00221_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ogg_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\QUAD.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lv.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0160590.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpRTP.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00004_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01221K.JPG 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-dialogs.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00914_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIcons.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_zh_CN.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01181_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02028K.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\INCOMING.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabimp.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-4 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157167.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0300862.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01462_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01468_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\INFOML.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\MedianFax.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\management.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ProjectStatusReport.potx 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\handler.reg 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeLinguistic.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0233312.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Components\SignedComponents.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7EN.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qatar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBUI6.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341634.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5F.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\SessionMember.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MORPH9.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\ResourceInternal.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Auto.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00453_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FINCL_02.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382942.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\an.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application-views.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\LICLUA.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00452_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0252349.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18218_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\OliveGreen.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR34F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCallbacks.h 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OSPP.VBS 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tokyo 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nome 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\LAUNCH.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\gl.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105320.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\drag.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.rll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00126_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCARDHM.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\javacpl.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01563_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santarem 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107344.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02405_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageBlank.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwinhibit_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04196_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_nl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpsychedelic_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152432.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0286034.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14530_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\logger\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACERCLR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099145.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\validation.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\kinit.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\orbd.exe 3697516955.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll 3697516955.exe File created C:\Program Files\Java\jre7\lib\management\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04355_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00413_.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-V 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02298_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18189_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7Lexicons0011.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Seoul 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Azores 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8PDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\JOURNAL.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01064_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EMSMDB32.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_es.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Juan 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\pidgenx.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00779_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Sakhalin 3697516955.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382967.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02404_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Metro.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00525_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginMergeFax.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sampler.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromaprint_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00114_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01191_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49B.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\audiodepthconverter.ax 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcf.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00352_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sr-spc.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00197_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_SlateBlue.gif 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_copy_plugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-core-kit.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jawt.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fi.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\delete.avi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR23F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImages.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00172_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Wkconv.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_100_eeeeee_1x100.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_zh_CN.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00673L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GreenTea.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18252_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\D3DCompiler_47.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\South_Georgia 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00252_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00538_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143745.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\PIXEL.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Premium.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsColorChart.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\FLTLDR.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOICONS.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105250.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14757_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\STOPICON.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTVIEW.JPG 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIcons.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hi.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSORES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\BLENDS.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02053J.JPG 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107314.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONPPTAddin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-loaders.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+3 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\time-span-16.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-appui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00172_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Newsprint.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18226_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jinfo.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Samara 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01858_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\tr.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ARFR\MSB1ARFR.ITS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01628_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0251925.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaprsr.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CST6CDT 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msader15.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00932_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7db.kic 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\mpvis.DLL 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187829.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232797.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\JAVA_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00241_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382948.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Simple.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.HK.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnor.xml 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Europe\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107152.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199661.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21306_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_on.gif 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libscte18_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292248.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Country.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SCNPST32.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guam 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0171847.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14997_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianResume.Dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsrus.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\smtp.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ia\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.api 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\create_form.gif 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONGuide.onepkg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\header.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18233_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dushanbe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\keystore\libmemory_keystore_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Opulent.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0298897.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\manifest.json 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Faroe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\PICTIM32.FLT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9YDT 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PDDom.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSQRY32.CHM 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\images\bing.ico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-util-enumerations.jar 3697516955.exe File created C:\Program Files\Windows Photo Viewer\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\NamedURLs.HxK 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\DiagnosticsTap.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Lima 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR35F.GIF 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceYi.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_200_percent.pak 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\d3d9\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02740U.BMP 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multiview.xml 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187893.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382959.JPG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00289_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\rtscom.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02155_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OSPP.HTM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sendopts.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\appletviewer.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rainy_River 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_PT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libdummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.STD 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00174_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185670.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149627.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\PRODIGY.NET.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.EPS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\MAIL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00014_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Johannesburg 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CLASSIC2.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Black Tie.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Services\verisign.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSTORY.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301418.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\HAMMER.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL095.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\npt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Macquarie 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_center.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB4.BDR 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadce.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01235U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Premium.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\2 Top.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlcese35.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198016.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.NO.XML 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libqsv_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145669.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_02.MID 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmiregistry.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-options.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01603_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Adobe.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XPAGE3C.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00320_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105398.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02262_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_xml.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN02122_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageStyle.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL107.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Taipei 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18220_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-spi-quicksearch.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ro\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLMACRO.CHM 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Basic\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01434_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00494_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-6 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBORDER.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Chita 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\winamp2.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00351_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Lima 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-snaptracer.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\jfr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSTORE.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-options.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mauritius 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106958.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Skins\Revert.wmz 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200467.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\about.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUTHZAX.DLL 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00052_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152568.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00629_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285750.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01761_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00625_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Solstice.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21339_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\SEAMARBL.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.p2.ui.overridden_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107130.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107350.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384895.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00671_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21504_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\GoldRing.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00402_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Caracas 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-javahelp.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcroppadd_plugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jre7\lib\ext\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00057_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02450_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHLTS.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kwajalein 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ARFR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14656_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RCLRPT.CFG 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\da.pak 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mraut.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\INDUST.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198020.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03224I.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Black Tie.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jvm.hprof.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Godthab 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGAD.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSPPT.OLB 3697516955.exe File created C:\Program Files\Windows Mail\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tehran 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21390_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32r.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00040_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00152_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7wre_en.dub 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\LICENSE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup-impl.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-common.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libvmem_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoAcq.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_italic.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\SectionHeading.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN02559_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01838_.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port_of_Spain 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0251007.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386270.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\iedvtool.dll.mui 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Oral 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\pkeyconfig.companion.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00449_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\content-background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\IA2Marshal.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\acro20.lng 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107494.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0136865.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0196374.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\msvcr100.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Dublin 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado28.tlb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaribsub_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtwolame_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_120.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382961.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099146.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeXMP.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OSetupPS.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0093905.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\arrow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\BLUEPRNT.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.JS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\license.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\VSTARemotingServer.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ur.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01084_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDREQL.ICO 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\ROGERS.COM.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-4 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\sentinel 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.HOL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guadalcanal 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Petersburg 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153398.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01123_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di_1.0.0.v20140328-2112.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\EUROTOOL.XLAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKACC.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216600.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_it.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21481_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\uk.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ONLINE.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLY98SP.POC 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\reader\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\London 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\xul.dll.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01170_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02464_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN01164_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MOR6INT.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12Tools.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OISGRAPH.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\messageboxinfo.ico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css 3697516955.exe File opened for modification C:\Program Files\WatchRestart.mov 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16ImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msxactps.dll 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\sqmapi.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\fontmanager.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\main.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00453_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\INDUST.ELM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayenne 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240175.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_increaseindent.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7EN.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBOXES.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-execution.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-awt.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\SDK\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-ui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-api-caching.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\view.html 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libwebvtt_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME23.CSS 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XML2WORD.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL104.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\glass.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14869_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21533_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdmo_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSWDS_FR.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00308_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\klist.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01660_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00530_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00478_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00246_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00938_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR41F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ant-javafx.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Chagos 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\CONCRETE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00159_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21366_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\InfoPathWelcomeImage.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\System\wab32.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_pt_BR.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_05.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Foundry.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00935_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCOUPON.DPV 3697516955.exe File created C:\Program Files (x86)\MSBuild\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfxrt.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Noronha 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02091_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Concourse.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31F.GIF 3697516955.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-core.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ml.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OCRHC.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-settings.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rainy_River 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Rangoon 3697516955.exe File opened for modification C:\Program Files\JoinResume.dxf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_justify.gif 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\adcvbs.inc 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SAEXT.DLL 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\Logo.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\et\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\skchobj.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IPSEventLogMsg.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTFORM.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME48.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSGR3FR.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099154.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Jamaica 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198113.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00687_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_on.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\uarrow.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105496.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105912.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSSPC.ECF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\SAMPLES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_th.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02158_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0196164.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dialog.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\oskmenubase.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\setup.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\BREEZE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Paper.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kwajalein 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vilnius 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382963.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBAR.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNote-PipelineConfig.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TextFile.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-uihandler.xml 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382931.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Solstice.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\extensions\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-io-ui.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.Blueprints.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299611.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\IMAGE.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\System\ado\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239611.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp 3697516955.exe File created C:\Program Files\Java\jre7\lib\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN03500_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287018.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Client.xml 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\ie9props.propdesc 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\JP2KLib.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Composite.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javaws.policy 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jvm.hprof.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macTSFrame.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18209_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Monaco 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpOAV.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21321_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Syowa 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\PNG32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00190_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACWIZRC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_TexturedBlue.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187861.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196358.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Thatch.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18223_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10290_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME11.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Perspective.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBlankPage.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\Welcome.html 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belem 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.api 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Kerguelen 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21311_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-visual.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvcd_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Canary 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\is\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libanaglyph_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mousedown.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Author2String.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\ORG97.SAM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vincennes 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_standard_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right_over.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmlaunch.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-attach.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\zipfs.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02153_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188669.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdxva2_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACTIP10.HLP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\sound.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18202_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DISTLIST.CFG 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_ja.jar 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Esl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSO.ACL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Windhoek 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00170_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341742.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18192_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18198_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_GreenTea.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.xml 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\fi.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.ini 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00346_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02431_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_COL.HXC 3697516955.exe File created C:\Program Files\Common Files\SpeechEngines\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\gstreamer-lite.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Executive.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN109.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.bat 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\HandPrints.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Reunion 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00443_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBrowserUpgrade.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\StatusAway.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityLetter.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityResume.Dotx 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoCanary.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.common_3.6.200.v20130402-1505.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libt140_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00681_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178523.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSOSEC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\CHICAGO.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART10.BDR 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\BASMLA.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14867_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\DADSHIRT.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\nb.pak 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01366_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107266.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185774.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Dialog.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00120_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304405.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\DELIMR.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\hprof.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-spi-actions.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ccme_base.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST5EDT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado27.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcf.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00636_.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\notification_plugin.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Azores 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\keypadbase.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01954_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SWEST_01.MID 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Components\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMASTHD.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdrawable_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMIMES.CFG 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Swift_Current 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\INFOPATH.EXE 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Graph.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01015_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Perspective.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199727.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00276_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099168.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15132_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Thatch.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_COL.HXC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrb.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\CT_ROOTS.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\AUTHOR.XSL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-visual.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Davis 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00141_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABMASK.BMP 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00177_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-search.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10267_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10307_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DOC.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00184_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237228.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\BHOINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187835.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PRRTINST.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR10F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\SpaceSelector.ico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_sv.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en.dll 3697516955.exe File created C:\Program Files (x86)\Windows NT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\Bibliography\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\pdmproxy100.dll 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\xul.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00932_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01634_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMAIN.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwruksh.dat 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Bougainville 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MAPISHELL.DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseout.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\EXITEMS.ICO 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\nacl_irt_x86_64.nexe 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaenum.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\BG_ADOBE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNoteSyncPC.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL082.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZY______.PFB 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281008.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384862.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21329_.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CASHREG.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Merida 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STP 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\DBGHELP.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\ARROW.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN026.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-utilities.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX8.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099185.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101865.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14752_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKREQ.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\CALENDAR.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LOGO98.POC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105396.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240189.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21300_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7fr.kic 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstatd.exe 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152556.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285820.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18247_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-loaders.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00261_.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tr.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01236U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\REMINDER.WAV 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01473_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Solstice.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ja\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\diagnostic-command-16.png 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\America\Indiana\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Audio-48.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateOnDemand.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Slipstream.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD20013_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository_2.3.0.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png 3697516955.exe File created C:\Program Files (x86)\Common Files\System\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299171.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Medium.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.jpg 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VGX\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02740G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.TLB 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-progress.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\STUDIO.INF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152610.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuvp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CG1606.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00255_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239943.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00391_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_performance_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-modules.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\services_discovery\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Mail\wabmig.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sw.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Foundry.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME10.CSS 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\mng2.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02169_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Person.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\1033\14\Built-In Building Blocks.dotx 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\86.0.4240.111.manifest 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+4 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02198_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ADD.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\TOOLICON.ICO 3697516955.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL020.XML 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\zh-CN.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\RELEASE-NOTES.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\co\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\PortalConnect.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\OliveGreen.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHD98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CONTACT.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-13 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-core.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152722.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\UTILITY.ACCDA 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Puerto_Rico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382939.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7FR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7MODELS000C.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1STAR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237336.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lindeman 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPWEC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101864.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Country.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscat.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00601_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR38F.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsdec_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-api.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Reunion 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\FM20.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0282932.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01301_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\BTINTERNET.NET.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-keymap.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-favorites.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CSD 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Aspect.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00330_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\et.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Earthy.gif 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ar.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Manila 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ndjamena 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\RemoveConfirm.ppsx 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\THEMES.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10256_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBCOLOR.SCM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WWINTL.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsdt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmprph.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\BLUECALM.ELM 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\README.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\METCONV.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00130_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107316.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\ELPHRG01.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107750.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105504.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CLVIEW.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CSS7DATA000A.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FLAP.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Recife 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01140_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01084_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00233_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\chrome.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\JdbcOdbc.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\kn.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tokyo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Response.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_COL.HXC 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chatham 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\CR_EB8C7.tmp\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00799_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232795.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01292_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png 3697516955.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-7 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02465_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHDHM.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sampler.jar 3697516955.exe File created C:\Program Files\Java\jre7\bin\plugin2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241773.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02069J.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWDWG.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\Windows Journal\jnwmon.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00297_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105246.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\CLVWINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUNGLE.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01219_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\ITIRCL55.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\CAPSULES.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341448.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00686_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Foundry.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPIR.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\La_Rioja 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Teal.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME16.CSS 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Antigua 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861258748.profile.gz 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105288.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\CircleSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0295069.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\DirectDB.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00256_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099164.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0144773.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_ON.GIF 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf_3.4.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ho_Chi_Minh 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\London 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_cs.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7es.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\main.js 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fil.pak 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099170.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME09.CSS 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-filesystems.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-plaf.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02267_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME19.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GREET11.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02028_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115836.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7fr.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\oracle.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01563_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEB11.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02009_.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02750U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115875.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\ACADEMIC.ONE 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\SPRING.ELM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jhat.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsound.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Ojinaga 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_mr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\macroprogress.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png 3697516955.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00222_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Hardcover.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10289_.GIF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145810.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18214_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Campo_Grande 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESTL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Premium.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mk\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Apothecary.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition - Customized.fdt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icucnv36.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_228ef1_256x240.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00046_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackgroundRTL.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\POLICIES.FDT 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_mac.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgePackages.h 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01166_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0315580.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CDLMSO.DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSWORD.OLB 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\misc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\librtpvideo_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0335112.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10254_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsFormTemplate.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-enumerations.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_equalizer.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Issue Tracking.gta 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Vostok 3697516955.exe File created C:\Program Files\VideoLAN\VLC\skins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUB6INTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\ucrtbase.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0279644.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0291794.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02055_.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\7z.sfx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.jetty_3.0.200.v20131021-1843.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\WPGIMP32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ro.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107468.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00482_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\COUPON.POC 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-core-kit.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\dailymotion.luac 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpostproc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADVCMP.DIC 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libd3d11va_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\logger\libfile_logger_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02097_.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\es.pak 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatialaudio_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\xlsrvintl.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Darwin 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153273.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Bibliography\BIBFORM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPIR.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.BusinessData.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216540.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21427_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PPINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_VelvetRose.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BDRTKFUL.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00139_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer_3.2.200.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fa.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\SIGNUP\install.ins 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\CHEVRON.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\pdm.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_imem_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IpsPlugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Anadyr 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_dummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\CANYON.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04108_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-api-caching.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\DumontDUrville 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\ACTIVITS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santarem 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-13 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Ushuaia 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04117_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MP00132_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\calendars.properties 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\AccessibleHandler.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmagnify_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18257_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONFLICT.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\COMPUTER.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN097.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tirane 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\SUMIPNTG.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105272.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Austin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts2.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\flavormap.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0148309.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01701_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBREF.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBPAGE.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWRECS.DLL 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15058_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ExtExport.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-progress.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145272.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImageMask.bmp 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\SBCGLOBAL.NET.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN054.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WORDREP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunec.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\charsets.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\JNGLE_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Doc.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGTOC.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-windows.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBOB6.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01164_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10298_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_tr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\IntroducingPowerPoint2010.potx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nome 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libntservice_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14711_.GIF 3697516955.exe File opened for modification C:\Program Files\CheckpointCompress.mpp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASK.CFG 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\01_googleimage.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_et.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341499.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\localedata.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\iediagcmd.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\BLUECALM.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00242_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00336_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\nb.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01743_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Module.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE04050_.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304861.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\jhall-2.0_05.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Jujuy 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieResume.dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\sound.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PAPER_01.MID 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\Read_Me.txt 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SIGNL.ICO 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\main_background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\j2pcsc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00235_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297269.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Executive.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHTMED.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\LoginForm.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuala_Lumpur 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hr.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Manaus 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Monticello 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_OFF.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105502.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core_2.3.0.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_zh_CN.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cgg\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_justify.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\CoolType.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103058.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIconsMask.bmp 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0227419.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBlankPage.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\CodeFile.zip 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\adojavas.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00485_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Module.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendtoOneNoteFilter.gpd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-templates.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\MSTAG.TLB 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00202_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105386.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Windows Mail\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielMergeFax.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Manila 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\Presentation Designs\Maple.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285462.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00411_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115863.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKDECS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSYUBIN7.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Chita 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-3 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\CIEXYZ.pf 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\THMBNAIL.PNG 3697516955.exe File created C:\Program Files (x86)\Google\Update\Install\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Technic.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RSSITEML.ICO 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\sunec.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Norfolk 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\CASCADE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00902_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02233_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME07.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR21F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewFrame.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNOteFilter.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT.XML 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSLID.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01242_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241781.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTITL.ICO 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\perfcore.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02265_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0221903.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_OFF.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\VERSION.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SlateBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpAsDesc.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WSIDBR98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\SLATE.ELM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Minsk 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Samarkand 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_wasapi_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\DW\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178459.JPG 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\Timeline_is.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\NOTE.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Country.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21534_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLV.PPT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSN.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kathmandu 3697516955.exe File created C:\Program Files\Mozilla Firefox\browser\features\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02278_.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\QRCode.pmp 3697516955.exe File created C:\Program Files (x86)\Common Files\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\QUAD.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee90.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222015.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCARD.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MAPISHELL.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Lisbon 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-heapdump.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02124_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIcons.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tijuana 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237225.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115841.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_on.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsdl_image_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00345_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOCF.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc16x16.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099173.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\Presentation Designs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00784_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL010.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt_1.1.1.v20140903-0821.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ClassicPhotoAlbum.potx 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\libxml2.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341534.JPG 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\packetizer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01035U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPICCAP.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Efate 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Soft Blue.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19828_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02125_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Currie 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Salta 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0234001.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Technic.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14753_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_SlateBlue.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Classic.dotx 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\include\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.VN.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00397_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guayaquil 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00783_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\INLAUNCH.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099167.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImageMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Phoenix 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Opulent.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_on.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\speaker-32.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwgl_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpnssci.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Buenos_Aires 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Saipan 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18208_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDBAR98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\COPYRIGHT 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zu\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_LightSpirit.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234131.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187819.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00489_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15021_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\SHOT.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Details.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\dependentlibs.list 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\EXPSRV.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FPLACE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00117_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN096.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightItalic.ttf 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00195_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285780.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsharpen_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadomd.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03668_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00192_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePage.gif 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\httprequests.luac 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\RenderingControl.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\TAG.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OnLineIdle.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\BREEZE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00270_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_livehttp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jawt_md.h 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libalphamask_plugin.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\macroprogress.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis.css 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sr-spl.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Major Indicies.iqy 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199465.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Managua 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXPTOOWS.DLL 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PROPLUS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02025_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\ui.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\update-settings.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01180_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14832_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DOCS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\glib-lite.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Berlin 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.WW\Office64WW.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01145_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_decreaseindent.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\preface.htm 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterBold.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-execution.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Sales Pipeline.accdt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\BG_ADOBE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Faculty.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\co.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands_3.6.100.v20140528-1422.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099172.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185778.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\eu.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\LAUNCH.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novokuznetsk 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\am\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libposterize_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00090_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdfmap.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BRCH98SP.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10263_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jerusalem 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libexport_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Module.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293236.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14868_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\meta_engine\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292286.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONWordAddin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05930_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition.fdt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoDev.png 3697516955.exe File opened for modification C:\Program Files\RedoExpand.aifc 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\flyout.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGATNGET.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvmstat.xml 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Civic.eftx 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmic.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+12 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Eucla 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\an\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BS53BOXS.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\xjc.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Rothera 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proofing.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00423_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SPACE_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01298_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\adodb.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232803.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Equity.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Slipstream.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Urban.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MCPS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN075.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00257_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\LoanAmortization.xltx 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Messenger.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7FR.LEX 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\browse_window.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05665_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14692_.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\nn.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\STINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099192.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\play-background.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Contacts.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santa_Isabel 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator_1.1.0.v20131217-1203.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-7 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\CGMIMP32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341653.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\RPLBRF35.CHM 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\Extensions\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\msproof7.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\DELETE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00262_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCOUPON.XML 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-uihandler.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Spelling.api 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.rst 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableUpArrow.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Asuncion 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\RPT2HTM4.XSL 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02897J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XIMAGE3B.DLL 3697516955.exe File created C:\Program Files\Common Files\System\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00833_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BOATINST.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-print.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunec.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKUPD.CFG 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\MsMpLics.dll 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\BLUEPRNT.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382927.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL106.XML 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Hobart 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-explorer.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kathmandu 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_it.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00527_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153307.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png 3697516955.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Singapore 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png 3697516955.exe File created C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\IEShims.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00286_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALHM.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\meta-index 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00942_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14866_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21324_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\DirectDB.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00807_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanMergeFax.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400002.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GreenTea.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENV98SP.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jce.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01842_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN107.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\F12Tools.dll.mui 3697516955.exe File created C:\Program Files\Microsoft Office\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libuleaddvaudio_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01631_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21503_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115855.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\NOTICE 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledbjvs.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_uk.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\DELETE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PICTPH.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belem 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmti.h 3697516955.exe File opened for modification C:\Program Files\ResumeUnblock.wma 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Anchorage 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\WMPNSSUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02441_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18228_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS98.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrenclm.dat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\PABR.SAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IPOLK.DLL 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Monaco 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\keystore\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00834_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Form.zip 3697516955.exe File created C:\Program Files\Google\Chrome\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00438_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\background.gif 3697516955.exe File created C:\Program Files\Internet Explorer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\dnsns.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File created C:\Program Files\Java\jre7\lib\amd64\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belize 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\ShadesOfBlue.jpg 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\d3dcompiler_47.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBHOME.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\PublicFunctions.js 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpClient.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Filters\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01044_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Composite.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_center.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\SoftBlue.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151067.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Opulent.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER98.POC 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipTsf.dll.mui 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libps_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090390.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SplashScreen.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoCanary.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\msdbg2.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-actions.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.aup 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBENDF98.CHM 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ko.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewDblClick.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGTEAR.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadox28.tlb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\psfont.properties.ja 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\demux\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_avi_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Median.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ContactPicker.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\offset.ax 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\COPYRIGHT 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\librv32_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00015_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309585.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Stockholm 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring.xml 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\MENUS.JS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Khartoum 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench_1.2.1.v20140901-1244.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01218_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00688_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBHW6.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CSS7DATA0009.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts.css 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\vdk150.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblibmpeg2_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZLIB.ACCDE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-spi-actions.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\d3d11\libdirect3d11_filters_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21304_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewSelectionChanged.js 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00633_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME26.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\journal.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0318810.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPrintTemplate.html 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\AdobePDF417.pmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313970.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05710_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATETIME.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Lagos 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-templates.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Auckland 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099204.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239953.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18180_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSansBold.ttf 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\MediaReceiverRegistrar.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21482_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWRECE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VisioCustom.propdesc 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185796.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0195812.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\BG_ADOBE.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Amsterdam 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Hand Prints.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_COL.HXT 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\uk\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-8 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png 3697516955.exe File opened for modification C:\Program Files\EditWatch.rle 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHPHN.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OUTLVBA.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid.gif 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ps\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libbluescreen_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107708.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153091.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01241_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1036\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DVDHM.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENFR\MSB1ENFR.ITS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\VOLTAGE.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateBroker.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00441_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH00601G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7ES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OUTGOING.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\RTFHTML.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Knox 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME-JAVAFX.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18256_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\To_Do_List.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\STRTEDGE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02443_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosefont.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MDIParent.zip 3697516955.exe File created C:\Program Files\Java\jre7\bin\server\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099157.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BANNER.DPV 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTIT.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm_export.html 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmirror_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153518.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GRAPH.EXE 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MYSL.ICO 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287415.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01172_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\INVITE11.POC 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151041.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03205I.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignleft.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Juan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\soundcloud.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\ECLIPSE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01472_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0302953.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityMergeFax.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00148_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\dt_shmem.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\WHOOSH.WAV 3697516955.exe File created C:\Program Files\DVD Maker\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\default.vlt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01682_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01063_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\drive.crx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\CGMIMP32.FNT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00443_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198022.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RESEND.CFG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application_5.5.0.165303.jar 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00444_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287020.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME31.CSS 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcs.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST7MDT 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\sbdrop.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10297_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL026.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-windows.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Winamac 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.access 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Prague 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSans.ttf 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png 3697516955.exe File created C:\Program Files\Google\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.LIC 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\uz.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-lib-uihandler.xml 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0146142.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01843_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18235_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382836.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\title.htm 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\ZoneInfoMappings 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00236_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0289430.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01905_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15057_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-services.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXE8SharedExpat.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099187.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR37F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\skins\fonts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Winamac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01160_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java.exe 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.dll.sig 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MET 3697516955.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\logs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UTC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.properties 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable_1.4.1.v20140210-1835.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02373_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Main.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPDMC.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2native.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pt_BR.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipRes.dll.mui 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\kn\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libgestures_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\PAPYRUS.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14533_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\classlist 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Prague 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mpjpeg_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01176_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02413_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00941_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SPANISH.LNG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santo_Domingo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ug\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00298_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSEvents.man 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\MSOSV.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01168_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00267_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmplayer.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212751.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0217872.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18185_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBrowserUpgrade.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\LINEAR_RGB.pf 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rankin_Inlet 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGREPFRM.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\REVERSE.DLL 3697516955.exe File created C:\Program Files\Google\Chrome\Application\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sampler.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV.HXS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Bermuda 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\RIPPLE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086384.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_choosefont.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SAVE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gu\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02466U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Angles.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLLIBR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKREQL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABOFF.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02950_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02748U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\header.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.runtime_3.10.0.v20140318-2214.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720_480shadow.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\spu\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\1033\MSOSVINT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msaddsr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00018_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME32.CSS 3697516955.exe File opened for modification C:\Program Files\CheckpointImport.xlt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149887.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCVDTUI.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_disable.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHEVI.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107328.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03041I.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14565_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL 3697516955.exe File created C:\Program Files\Windows Defender\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200279.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\FeedSync.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01777_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceDaYi.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB5B.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPQUOT.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msadomd.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Troll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\equalizer_window.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Gradient.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RES98.POC 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\MemoryAnalyzer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18215_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14515_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLINACC.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dcpr.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ro.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sitka 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RICHED20.DLL 3697516955.exe File created C:\Program Files (x86)\Google\Update\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jsoundds.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs-nio2.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\favicon.ico 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WPFT532.CNV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL096.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\DESIGNER.ONE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Flow.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-attach.xml 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\WMPSideShowGadget.exe 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FRAR\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiling.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrowMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\performance.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\en-US\wab32res.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01039_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02120_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Waveform.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime.css 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\CGMIMP32.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SCHOL_02.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OFFOWCI.DLL 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Louisville 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lg\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Hardcover.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OISAPP.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03236_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\SUCTION.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL105.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\System.AddIn.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcor.dll.mui 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\msvcr100.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Waitcursor.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MENU98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\platform.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ko.pak 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382958.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297749.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185798.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-ui.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotiondetect_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESPS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\networkinspection.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02742G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\NOTEL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianLetter.Dotx 3697516955.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\rmid.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayman 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Pangnirtung 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEEXCL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\msdbg2.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\he.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\APPLAUSE.WAV 3697516955.exe File created C:\Program Files (x86)\Windows Defender\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105410.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_gather_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\airappinstaller.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\en-US\WMM2CLIP.dll.mui 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02045_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212219.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_OFF.GIF 3697516955.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN095.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293238.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Sakhalin 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\WebKit.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195260.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Oriel.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE.HXS 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCD11.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\AUTHORS.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\TexturedBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSCOL11.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\TECHTOOL.GIF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\vi.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\OriginFax.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jawt.lib 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACER3X.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\WATER.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSSKETLG.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00416_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImages16x16.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Status Report.fdt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ca.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABELHM.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\LINEAR_RGB.pf 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_cycle_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libtdummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01255G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EntityPicker.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\VERSION.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Simferopol 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceDaYi.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESPL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB9.BDR 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VISSHE.DLL 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00068_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST7MDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-utilities.xml 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01770_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\background.gif 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09664_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00943_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02794_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\AUTOSHAP.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OOFTMPL.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\it.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielMergeLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_de.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01253_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGDOTS.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExpenseReport.xltx 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSClientDataMgr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00494_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00555_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14830_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Casual.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiling.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\NVBELL.NET.XML 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WPEQU532.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericonMask.bmp 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ru.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\meta-index 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nassau 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libflaschen_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099182.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212953.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199755.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.KR.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AppConfigurationInternal.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB2B.BDR 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\America\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-12 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Solstice.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301480.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\TexturedBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SCNPST64.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sa.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_filter\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSRETRO.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME02.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME43.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\StatusDoNotDisturb.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02073_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00231_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0252629.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_spellcheck.gif 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fa.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\en-US\MpEvMsg.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.IN.XML 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_olv.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ru\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232395.WMF 3697516955.exe File created C:\Program Files\7-Zip\Lang\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SPACER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\HORN.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2ssv.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jsdt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_sv.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Copenhagen 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Port_Moresby 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0228823.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\rtstreamsink.ax 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX9.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSWDS_ES.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02503U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01304G.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\th.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hu\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\ARCTIC.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MUSIC_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21320_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\CLNTWRAP.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kolkata 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\LAUNCH.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\VBAJET32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewFrame.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Groove.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\St_Johns 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02435_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\PMAILEXT.ECF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONLNTCOMLIB.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\local_policy.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-charts.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-remote.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Anchorage 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\en_GB\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrowMask.bmp 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPHandle.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libgl_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02022_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\tt.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdate.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01162_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107134.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188679.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\stdole.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\fr.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153305.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLCTL.DLL 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\gmail.crx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0088542.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234687.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SOCIALCONNECTORRES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\DESKSAM.SAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00454_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jdwp.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART13.BDR 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0314068.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL011.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Madrid 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\EURO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105376.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\BCSRuntimeRes.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImagesMask.bmp 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Read_Me.txt 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\skchui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Pushpin.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLOGO.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstack.exe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.VisualElementsManifest.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01586_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\el.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\larrow.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Iqaluit 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdcp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdan.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0234376.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME30.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLSERVER.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01923_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormToolImages.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdarem.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\Whistling.wav 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\EmptyDatabase.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0250997.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\avtransport.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1AR.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183574.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Equity.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OMSSMS.CFG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7Data0011.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\ResourceInternal.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\XDPFile_8.ico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multitabs.xml 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.CNT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\SPLASH.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Adelaide 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MLSHEXT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ALERT.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHD98SP.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Nicosia 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\mobile.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01160_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Paramaribo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tijuana 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18211_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPSLAX.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00462_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.json 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\ZoneInfoMappings 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\FORMS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_SlateBlue.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianMergeLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Esl\AiodLite.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\OPHPROXY.DLL 3697516955.exe File created C:\Program Files (x86)\Common Files\System\MSMAPI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102594.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232393.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECRECL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MsMpLics.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21323_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpOAV.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01130_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01157_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105276.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ru.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Syowa 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guam 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_stats_plugin.dll 3697516955.exe File created C:\Program Files\WindowsPowerShell\Configuration\Schema\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_COL.HXC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\StaticText.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48F.GIF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImageMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08868_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\TexturedBlue.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmlaunch.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic 2.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR26F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Halifax 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\America\Argentina\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ceuta 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195428.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241043.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABEL.XML 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\ielowutil.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\setup.swf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\APA.XSL 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Vladivostok 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-remote.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsptg.xml 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\wab.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198712.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application-views.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGZIPC.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Pine_Lumber.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\policytool.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\menu_arrow.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Response.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00256_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Grayscale.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Casual.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Brunei 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Volgograd 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\access-bridge-64.jar 3697516955.exe File created C:\Program Files\Mozilla Firefox\gmp-clearkey\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Newsprint.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_justify.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PG_INDEX.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\native2ascii.exe 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\macroprogress.gif 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\setup.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_150.png 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmplayer.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02753U.BMP 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0217302.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.catalog 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00218_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryNewsletter.dotx 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Menominee 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Madrid 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0283209.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIcons.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Almaty 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101856.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02280_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02439_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Johannesburg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\GostTitle.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Urban.eftx 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\settings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0304933.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7EN.dub 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\TEAROFF.POC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libgme_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libyuv_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01772_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341636.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00095_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.xml_1.3.4.v201005080400.jar 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansRegular.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293844.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21348_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\IPOLKINTL.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GreenTea.css 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_SlateBlue.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\en-US\sbdrop.dll.mui 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libts_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jayapura 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00638_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ospintl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPQUOT.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWRECC.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmod_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Panama 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-util-enumerations.xml 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui 3697516955.exe File created C:\Program Files (x86)\Common Files\System\MSMAPI\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignleft.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RESUME.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\micaut.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145904.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14980_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\jsprofilerui.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Marengo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Csi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VVIEWRES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\builtincontrolsschema.xsd 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_duplicate_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_rtp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\RADIAL.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099165.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152570.WMF 3697516955.exe File opened for modification C:\Program Files\UndoConvert.wav 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02426_.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QRYINT32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUTHZAX.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Maroon.css 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-ui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh89 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00155_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090781.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00563_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\fxplugins.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0294991.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0302827.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21335_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmpnssui.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-compat.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Helsinki 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_ja.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Casual.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\SOLVER\SOLVER.XLAM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\F12.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Etc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\AXIS.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Foundry.xml 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\id.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293570.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EMABLT32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENVELOPE.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.stdformat.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Thatch.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\ActionsPane3.xsd 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0150150.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153087.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301052.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15133_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.access 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jmx.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Melbourne 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\external_extensions.json 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00693_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382966.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPrintTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OCRVC.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdeu.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baku 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.en\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107748.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00806_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21331_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBWZINT.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yerevan 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Portal\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115835.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Discussion.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-progress.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\db\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jdwp.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\net.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195342.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02845G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00486_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14710_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Basic\DEFAULT.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\FLASH.NET.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7EN.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299587.WMF 3697516955.exe File created C:\Program Files\Windows Sidebar\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fa\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-io.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pmd.cer 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jabswitch.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKREQS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.DE.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaprsr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02141_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00011_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-14 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ca\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XLCALL32.DLL 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\et.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02262_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04174_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01291_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099169.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0177257.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-coredump.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pontianak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\license.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\end_review.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Colombo 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-1 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\PipeTran.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Maceio 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Angles.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Executive.xml 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10219_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1F.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\COMPASS.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\SATIN.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00297_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Concourse.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\background.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GIFT98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.Infopath.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Projects.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Brussels 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\EXP_XPS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02746U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01395_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Pushpin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Assets.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Goose_Bay 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01630_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0251871.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Eurosti.TTF 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABON.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\wlsrvc.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ast.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceme35.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msjro.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281243.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN01308_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR11F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\utilityfunctions.js 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\rt.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.password.template 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerEvaluators.exsd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.win32.x86_64_1.0.100.v20130327-1442.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tongatapu 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\excelcnv.exe 3697516955.exe File created C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\currency.data 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\artifacts.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152628.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00272_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kiev 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\attention.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIcon.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Vladivostok 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_gtk.css 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\MSB1ESEN.ITS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02413_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Defender\en-US\MpAsDesc.dll.mui 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JdbcOdbc.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Regina 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR15F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\ODBC.SAM 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21342_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Premium.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Earthy.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util_1.7.0.v201011041433.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00405_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\1033\14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDCNCLL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\messageboxalert.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Noumea 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.InfoPath.xml 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox28.tlb 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png 3697516955.exe File opened for modification C:\Program Files\ProtectMeasure.DVR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\APPTL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PS9CRNRH.POC 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-cli.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Goose_Bay 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Irkutsk 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32res.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178348.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02253_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15156_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoBeta.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Grand_Turk 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\New_York 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libgnutls_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\Services\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLLIBR.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAClientPkg.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\applet\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\server\Xusage.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Shorthand.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrwbin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00564_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\hrtfs\dodeca_and_7channel_3DSL_HRTF.sofa 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_WMC_LogoText.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PPINTL.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00299_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libhttps_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02412K.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SlateBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-core-kit.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBPAGE.XML 3697516955.exe File created C:\Program Files\Java\jre7\lib\applet\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\gui\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Mail\wabfind.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLJRNL.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7Models0011.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Kerguelen 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\tzmappings 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00178_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OMSXP32.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\OmdProject.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EET 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00274_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313974.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\ACCOLK.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWLAY32.DLL 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\libGLESv2.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.SqlServerCe.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+7 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CARBN_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE.MANIFEST 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\awt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Rangoon 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14768_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\GRIPMASK.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\ImagingDevices.exe.mui 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ta.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.cpl 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Riga 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow.css 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsgen.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGM.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183172.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\STUBBY1.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Groove.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\PAWPRINT.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\mpvis.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382926.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1036\MSO.ACL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\IPMS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECRECS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01635_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\validation.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-10 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313965.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsMacroTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WORDREP.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Barbados 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.SYD 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099188.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Essential.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN01165_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bogota 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\blacklist 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Nauru 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bn\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0235319.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Custom.propdesc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MX.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-phonetic.xml 3697516955.exe File created C:\Program Files\Common Files\System\msadc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_de_DE.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107288.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\gu.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\pack200.exe 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01357_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15168_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01744_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SCANPST.EXE 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\libvlccore.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-compat.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtobe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01080_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196142.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00735_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImages256Colors.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02752U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ROAD_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14595_.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sq\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-tabcontrol.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Casual.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\en-US\Sidebar.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-core-kit.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01152_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198447.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OART.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\CURRENCY.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\boot.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01659_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238333.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02578_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Marketing Projects.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\El_Salvador 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mexico_City 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libvhs_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01065_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-lib-uihandler.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01044_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0172035.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ug.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\preloaded_data.pb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\fontmanager.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaorar.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01013_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ext.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18201_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21302_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryLetter.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\WidescreenPresentation.potx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpconfig.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSSKETSM.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Fortaleza 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182898.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\utilityfunctions.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\batch_window.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLTASK.FAE 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105368.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\New_Salem 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15023_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMaskRTL.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WHITEBOX.JPG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis.css 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_flat_10_000000_40x100.png 3697516955.exe File created C:\Program Files\DVD Maker\Shared\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-text.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-awt.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01875_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0230553.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21421_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msadomd28.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21434_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-charts.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\sandbox.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0202045.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\common.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Modern.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Phone.accft 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387337.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\MEDIA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCD98SP.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tongatapu 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_no.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00176_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_pressed.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OFFOWC.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSWDS_EN.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14531_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsImageTemplate.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00557_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01069_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.CN.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01169_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD07831_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\BCSAddin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RESP98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\NETWORK.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04235_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099155.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00452_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21314_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP 3697516955.exe File created C:\Program Files\Reference Assemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-3 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9YDT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\SignedManagedObjects.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FORMCTL.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Los_Angeles 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_es.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\New_Skins.url 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FRAR\MSB1FRAR.ITS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\JFONT.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\utilityfunctions.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di.extensions_0.12.0.v20140417-2033.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-api.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\librotate_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEOLEDB.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00296_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107090.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02567J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME44.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR25F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\msoe.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02368_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jni_md.h 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-fallback.xml 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\uk.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\fxplugins.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Sofia 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MsMpRes.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipres.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107254.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ka.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10335_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21295_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0305493.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lord_Howe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-print.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Norfolk 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\NEWS.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152626.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\1 Right.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Brisbane 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151047.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CNFNOT.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.DPV 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kinit.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-annotations-common.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00512_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormToolImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadomd28.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\OFFICE10.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Teal.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveNewsletter.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bangkok 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdatl3.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\CsiSoap.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00224_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN027.XML 3697516955.exe File opened for modification C:\Program Files\7-Zip\descript.ion 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Scene_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00602_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_underline.gif 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ms.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\logo.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00820_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02759J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\CollectSignatures_Init.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Name.accft 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JavaAccessBridge-64.dll 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Clarity.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FRENCH.LNG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Students.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bishkek 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\Read_Me.txt 3697516955.exe File created C:\Program Files\Microsoft Office\Office14\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01236_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BORDERBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpshare.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\THMBNAIL.PNG 3697516955.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\86.0.4240.111\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-views.xml 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\GRDEN_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-dialogs.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\management-agent.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01848_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00898_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Elemental.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\1033\CAGCAT10.MML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18250_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PROGRAM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR22F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-output2.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\NETWORK.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\F12Tools.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ERROR.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_bullets.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.core_3.5.0.v20120725-1805.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\IRIS.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00641_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIcons.jpg 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Extensions\external_extensions.json 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormToolImages.jpg 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\d3d9\libdirect3d9_filters_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FINCL_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099198.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME12.CSS 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\de.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Barbados 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BULLETS.DLL 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Catamarca 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02451_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Taipei 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Mail\wabimp.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\hxdsui.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Country.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Triedit\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00810_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB02229_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_over.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\UrbanFax.Dotx 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEWDAT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241037.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0296288.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.bat 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sl.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01173_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00012_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIcon.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\javaws.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyNoDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00712_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBAR11.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099158.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50F.GIF 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Warsaw 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DW\DW20.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART11.BDR 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-private-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00254_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0293832.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME06.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Installed_schemas14.xss 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginResume.Dotx 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\buttons.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODBC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00382_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Antigua 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\playlist\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLKIRMV.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSTORYVERT.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lindeman 3697516955.exe File created C:\Program Files\Windows Mail\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384885.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44B.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OMSMMS.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\j2pcsc.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\leftnav.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00916_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\PLANNERS.ONE 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+1 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00273_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0290548.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\VCTRN_01.MID 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02758U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02039_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Verve.thmx 3697516955.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\org-openide-filesystems.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guayaquil 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe Root Certificate.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01548_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01247U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00223_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\servertool.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-spi-quicksearch.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-queries.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\CONCRETE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185800.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00170_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\default_thumb.jpg 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086428.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341475.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0332268.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.properties.src 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FPERSON.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\NOTES.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\CALENDAR.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplate.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-snaptracer.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcor.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14791_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\CollectSignatures_Sign.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\PublicFunctions.js 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ru.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Pushpin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEIRM.XML 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ky.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOInstallerUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_increaseindent.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Makassar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152414.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\perf_nt.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00018_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7tkjp.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSQRY32.EXE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-loaders.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\HxRuntime.HxS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ust-Nera 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baghdad 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxC 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ielowutil.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101862.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Trek.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21400_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART1.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04267_.WMF 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Rarotonga 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Martinique 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00361_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupicons.jpg 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Tiki.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedback.gif 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107450.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.resources_3.9.1.v20140825-1431.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaremr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwgst.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdfmap.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00160_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152436.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14583_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_it.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\adcvbs.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR24F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6B.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Chisinau 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\LICENSE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\asl-v20.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaprst.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35F.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pohnpei 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\subscription.xsd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EXPLR_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341738.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01740_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\LOOKUP.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Pitchbook.potx 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSLaunch.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ks_IN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\sidebar.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\Microsoft.Ink.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Elemental.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEWBY.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-applemenu.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187921.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.JS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\PROCDB.XLAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FEZIP.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Noronha 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241041.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\plugin.jar 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285444.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDCAT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html 3697516955.exe File opened for modification C:\Program Files\7-Zip\7-zip32.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\pop3.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Clarity.thmx 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\manifest.json 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00915_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MSTHED98.POC 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\core.jar 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04269_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01585_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_TexturedBlue.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00407_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Auckland 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEWSS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00775_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107024.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00238_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_F_COL.HXK 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\dtplugin\deployJava1.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libripple_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msader15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00130_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRINTL32.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jerusalem 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14514_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsImageTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\tnameserv.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.http_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02268_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME24.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+8 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHighMask.bmp 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\INVITE.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_block_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21364_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME13.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignright.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\MSB1FREN.ITS 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javafx.policy 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105520.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21307_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Wordconv.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\STINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielReport.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\EPSIMP32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UserControl.zip 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CLIP.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103262.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WhiteboxMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.configuration_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\README.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\PROFILE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00057_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18182_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EXLIRMV.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Packages\Debugger\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-execution.xml_hidden 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02066_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\RSWOP.ICM 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\connectionmanager_dmr.xml 3697516955.exe File opened for modification C:\Program Files\7-Zip\7zCon.sfx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\amd64\jvm.cfg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01805_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\profile.jfc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNoteUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceer35EN.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-io.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200189.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART7.BDR 3697516955.exe File opened for modification C:\Program Files\ExportGroup.tmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\tnameserv.exe 3697516955.exe File opened for modification C:\Program Files\Windows Portable Devices\sqmapi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penchs.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152890.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabfind.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png 3697516955.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OMSINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PPINTL.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART14.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\background.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OMML2MML.XSL 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\WMPDMC.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00531_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\prism-d3d.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wake 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\sRGB.pf 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\sd\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\icecast.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_vi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Waveform.xml 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\cpyr.htm 3697516955.exe File created C:\Program Files\Windows Media Player\Network Sharing\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt 3697516955.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01182_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcfr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14801_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.conf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\management.dll 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONLNTCOMLIB.DLL 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextService.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15275_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ReviewRouting_Init.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prcr.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\SY______.PFB 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\AcroRead.msi 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222017.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginMergeLetter.Dotx 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\default-browser-agent.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-mx.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Cordoba 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\gradient.png 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\EDGE.INF 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPDMCCore.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.SYX 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\InfoPath.en-us\InfoPathMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281638.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Events.accdt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security_1.2.0.v20130424-1801.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\blank.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00014_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\PublicFunctions.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BANNER.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielResume.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\orb.idl 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Regina 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOMessageProvider.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099199.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\Read_Me.txt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Denver 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvmstat.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\dkjson.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.WPG 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_de.dll 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\bg.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105238.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0229385.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\excelcnvpxy.dll 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00086_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet.jsp_2.2.0.v201112011158.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00233_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Gambier 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04225_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0089945.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105360.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0213243.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18196_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR40F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmprph.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLMAILR.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceAmharic.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor_1.0.300.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0240719.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\NOTEBOOK.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00814_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14985_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14594_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImagesMask16x16.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Blanc-Sablon 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-annotations-common.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_delay_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSSOAPR3.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\BOLDSTRI.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01143_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03731_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14829_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.continuation_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1033\MSGR3EN.DLL 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.codec_1.6.0.v201305230611.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Back-48.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPORTL.ICO 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.registry_3.5.400.v20140428-1507.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libinvert_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\flyout.css 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_play.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\SWBELL.NET.XML 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql_2.0.100.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\DiagnosticsTap.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8 3697516955.exe File created C:\Program Files\Windows Journal\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14529_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\MMSL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.Infopath.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hovd 3697516955.exe File created C:\Program Files\Windows Media Player\Skins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceAmharic.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEEXCH.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01148_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02040U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left_over.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART2.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLAPPT.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLACCT.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libtimecode_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\ConnectionManager.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEDAO.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.config 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304371.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\serialver.exe 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216724.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_display_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OSETUP.DLL 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00017_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\mozavutil.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216570.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00913_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21327_.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ps.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_left.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285484.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\SPACER.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Buenos_Aires 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Thimphu 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnssui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\tpcps.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\OFFREL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libcompressor_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Equity.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\GostName.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKDEC.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBAD.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Module.zip 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Blanc-Sablon 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDFFile_8.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01041_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR19F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XMLSDK5.CHM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Campo_Grande 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.THD 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.FR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\QuizShow.potx 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\CANYON.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187881.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7EN.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libpva_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00097_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLWVW.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\EXITEML.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\HEADINGBB.DPV 3697516955.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00703L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MY.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143743.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations_2.4.0.v20131119-0908.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\MSB1FREN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Oriel.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gd\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01394_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-impl.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099177.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178632.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14513_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-uihandler.xml 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN065.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT98SP.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\yo.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102762.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Author2XML.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EntityDataHandler.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATE.JPG 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoAcq.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME47.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Monticello 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-nodes.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02398_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18204_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21309_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TaxonomyControl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceArray.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02736G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0278882.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_ON.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Visualizations\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\management\management.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libpanoramix_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\D3DCompiler_47.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341559.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\derby_common.bat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UserControl.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository_1.1.300.v20131211-1531.jar 3697516955.exe File created C:\Program Files\Java\jre7\bin\dtplugin\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_kn.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ieproxy.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106124.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01141_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\VIBE.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PS10TARG.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00487_.WMF 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\precomplete 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10268_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left_over.gif 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195320.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR17F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CLICK.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\README.html 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Antarctica\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bg.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\StarterToolTemplates.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Karachi 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasql.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01637_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Apothecary.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackground.jpg 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado20.tlb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.metadata.repository.prefs 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpCmdRun.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SIGNS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALNDR98.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Media.accdt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\TextConv\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-ui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\pingsender.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105298.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01746_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.HK.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tarawa 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\QUIKPUBS.POC 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04369_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08808_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00234_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14882_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Manuscript.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBRPH1.POC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Rio_Gallegos 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cancun 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vincennes 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\Wks9Pxy.cnv 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Comments.accdt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sampler.xml 3697516955.exe File opened for modification C:\Program Files\DebugEdit.mpe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152602.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LISTBOX.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENFR\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\ICE.INF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs-nio2.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Nairobi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Defender\MpAsDesc.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPreviewTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0195534.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Hobart 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDREQS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VS_ComponentSigningIntermediate.cer 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libreal_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado20.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0230558.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.Tools.Applications.Project.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\System\en-US\wab32res.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00116_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN103.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\LAYERS.ELM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\INVITE.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\MANIFEST.MF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chatham 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CUP.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_file_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipTsf.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01237_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115866.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageBlank.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-core.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi_3.10.1.v20140909-1633.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\VBE7.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WWINTL.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrow.jpg 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00442_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00414_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBWZINT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaurl.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mahe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_chroma\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01252_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageStyle.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPUNCT.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Cape_Verde 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+1 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18239_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Phoenix 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\STOCKS.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0324704.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Detroit 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Connectivity.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01356_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsColorChart.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\CALENDAR.GIF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\adovbs.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\jsdbgui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00129_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPISHELLR.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterRegular.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Origin.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10336_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ENGIDX.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16Images.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Anadyr 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Maroon.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ndjamena 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\jsprofilerui.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00021_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00544_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\PLUS.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-cli.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluTSFrame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099162.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00468_.WMF 3697516955.exe File opened for modification C:\Program Files\CloseExit.mpeg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-11 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00382_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199279.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR18F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POST.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SUBMIT.JS 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png 3697516955.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_TW\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\content-types.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_Loading.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105378.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199473.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285792.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLTASKR.FAE 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01300_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\cacerts 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN02724_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01178_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0214948.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCICONS.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWORIENT.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libsubsdelay_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bn.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-compat.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-print.xml_hidden 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\03_lastfm.luac 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaom_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00760L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0292020.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multiview.xml 3697516955.exe File created C:\Program Files\Mozilla Firefox\browser\VisualElements\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\eula.rtf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME50.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7tk.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BRCHUR98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Gaza 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01368_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageSmall.jpg 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00603_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceqp35.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\de.pak 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_dummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21322_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0298653.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmpnssci.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107182.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mn\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Publisher.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSACCESS.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoBase.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montreal 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services_1.1.0.v20140328-1925.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_09.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLMIME.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BORDERBB.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CA.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libantiflicker_plugin.dll 3697516955.exe File created C:\Program Files\WindowsPowerShell\Modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penkor.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107718.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TipsImage.jpg 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\kk.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZCARD.DPV 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.IDX 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00633_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-execution.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18203_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21535_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OWSSUPP.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BROCHURE.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\pdf.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santiago 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh87 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105846.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Earthy.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\form_edit.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.bat 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-favorites.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301252.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXEV.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107150.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\RM.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-spi-actions.xml_hidden 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\RMNSQUE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00010_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04206_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DISTLSTS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chihuahua 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html 3697516955.exe File opened for modification C:\Program Files\Common Files\System\wab32res.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\WT61FR.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DW\DBGHELP.DLL 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15274_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\El_Aaiun 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02088_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ENGDIC.DAT 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-ui.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0075478.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152704.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386485.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB7.BDR 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePage.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\rtstreamsource.ax 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guyana 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vimeo.luac 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\WMPMediaSharing.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Excel.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\handsafe.reg 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\JSByteCodeWin.bin 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\kcms.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dataset.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\keytool.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FDATE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341447.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLowMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7FR.LEX 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Media Renderer\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212661.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg 3697516955.exe File created C:\Program Files\Internet Explorer\images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Adak 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00173_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200151.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00345_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00232_.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\fy.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginReport.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-snaptracer.xml 3697516955.exe File created C:\Program Files\Java\jre7\lib\cmm\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL092.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PSTPRX32.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yellowknife 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher_1.1.0.v20131211-1531.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\System\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02790_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ja.properties 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\DumontDUrville 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CRANE.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18197_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Mendoza 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\orbd.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN020.XML 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\SATIN.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107484.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387591.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10265_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Tags.accft 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsdp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\MakeAccessible.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CLASSIC1.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\DRUMROLL.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-heapwalker.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145895.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187825.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02276_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18232_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XLCPRTID.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceoledb35.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-fallback.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme_0.9.300.v20140424-2042.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_zh_CN.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\images\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21377_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXT 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplateRTL.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18210_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONTACTL.ICO 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Packages\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-nodes.xml 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Maputo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\GIFIMP32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\TIME.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18213_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SOCIALPROVIDER.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\HST10 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ja.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285808.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\bn.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActions.exsd 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Nauru 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\LightSpirit.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\CURRENCY.HTM 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OISINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7B.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\DEEPBLUE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCOLKI.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OutSyncPC.ico 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Keywords.HxK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\RTF_BOLD.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\ORG97R.SAM 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands_0.10.2.v20140424-2344.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Paris 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BABY_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00211_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR17F.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\NL.ROGERS.COM.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_ja.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\helper.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\en-US\sbdrop.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287024.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Glace_Bay 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Srednekolymsk 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\application.ini 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\controllers.js 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\io.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-ui.xml 3697516955.exe File created C:\Program Files\Java\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libinteger_mixer_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png 3697516955.exe File created C:\Program Files\Google\Chrome\Application\SetupMetrics\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-explorer.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libadpcm_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ALRTINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21365_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\ACTIVITL.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.io_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libadummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL087.XML 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sr.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BS2BARB.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kiev 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153047.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199469.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Verve.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMARQ.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200289.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01186_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14828_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePage.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pyongyang 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_te.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01638_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101858.BMP 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\WET 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Origin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0205466.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGN.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wallis 3697516955.exe File created C:\Program Files\Java\jre7\lib\images\cursors\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kosrae 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\main.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107492.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART9.BDR 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Triedit\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_OliveGreen.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01152_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02750G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02051_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\QP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\OliveGreen.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\meta-index 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.en\Proof.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0233665.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01158_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSClient.Msg.dll 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogo.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\pkeyconfig-office.xrm-ms 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21375_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL110.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsoundds.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ashgabat 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\oeimport.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-modules.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Inuvik 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14871_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-outline.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\twitch.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\wlsrvc.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099180.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\INDOMAIN.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jmx.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Pangnirtung 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Choibalsan 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OneNote.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00169_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqloledb.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hu.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART4.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\MMHMM.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\GrooveFormsMetaData.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL027.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ast\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Omsk 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Madeira 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Thawte Root Certificate.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00090_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\dnsns.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\jaccess.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPDMC.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15185_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLV.XLS 3697516955.exe File created C:\Program Files\Java\jre7\bin\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_http_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow.css 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Mso Example Setup File A.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-ui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Africa\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Video-48.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ViewerPS.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfigInternal.zip 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ku.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Black Tie.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0168644.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00668_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SNIPE.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18230_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14538_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME40.CSS 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ba.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Glace_Bay 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SendMail.api 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\STUDIO.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLBAR.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\powerpnt.exe.manifest 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiler.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGATNGET.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.util_1.0.500.v20130404-1337.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\IMCONTACT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0187423.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14982_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\ViewHeaderPreview.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\TWSTRUCT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MLCFG32.CPL 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\osclientcerts.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107480.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\hprof.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\gimap.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_basestyle.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boa_Vista 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OOFL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PROGRAM.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00523_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08773_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14795_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDownArrow.jpg 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\hi\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0281904.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21336_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kiritimati 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pitcairn 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ust-Nera 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeAUM_rootCert.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Adjacency.xml 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_OliveGreen.gif 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152558.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0292982.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB3A.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\PINELUMB.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Folder-48.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH00780U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\AMERITECH.NET.XML 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nn\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14833_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDRESP.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XOCR3.PSP 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiBold.ttf 3697516955.exe File opened for modification C:\Program Files\Java\jre7\LICENSE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0197983.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382954.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME42.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.artifact.repository.prefs 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_srt_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libvdummy_plugin.dll 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\db\bin\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR31F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SAVE.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Stockholm 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libadf_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153302.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\grvschema.xsd 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fakaofo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBCN6.CHM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00172_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Cape_Verde 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado21.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00403_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0098497.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01562U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME01.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-output2.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00154_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\config.ini 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_nv12_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0296277.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\es.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ms.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Matamoros 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\RECOVR32.CNV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00157_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.JS 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.UK.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm_cmd.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\snmp.acl.template 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\wsdetect.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh88 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00526_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00466_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00234_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285360.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmticmlr.h 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS11.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.security 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACEODBCI.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00543_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityMergeLetter.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00146_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239951.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297727.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21338_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR11F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\background.gif 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sk.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\South_Georgia 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-charts.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Horizon.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0157763.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR14F.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-dayi.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.inject_1.0.0.v20091030.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core_0.10.100.v20140424-2042.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Halifax 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ru.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\NUMERIC.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL065.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\adovbs.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZFORM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB8.BDR 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00985_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153095.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCAL.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Madeira 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_read_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscene_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaremr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novokuznetsk 3697516955.exe File created C:\Program Files\MSBuild\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Defender\en-US\MpAsDesc.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\he.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\IACOM2.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00163_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02208U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCRD98.POC 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cuiaba 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LINE.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SEARCH.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsVersion1Warning.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jawt.h 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01213K.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Country.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\BREEZE.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fi\Read_Me.txt 3697516955.exe File created C:\Program Files\WindowsPowerShell\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdadc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfoInternal.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic_5.5.0.165303.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\km\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SPRNG_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Porto_Velho 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Default.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\COMBOBOX.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00084_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL081.XML 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\New_Salem 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-impl.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiItalic.ttf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304853.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Clarity.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Interface.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301044.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository_1.2.100.v20131209-2144.jar 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0233992.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABEL.DPV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\CIEXYZ.pf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\abcpy.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101866.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107148.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02862_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Fancy.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\WSS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Efate 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdaorar.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19988_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01066_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_INIT.XSN 3697516955.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingDevices.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Apia 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs-nio2.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.msi 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\GreenBubbles.jpg 3697516955.exe File opened for modification C:\Program Files\ConnectInitialize.001 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02388_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GKExcel.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7jp.kic 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BAN98.POC 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdtv_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.jpg 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\WSS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\tzmappings 3697516955.exe File opened for modification C:\Program Files\Windows Mail\wab.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107192.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME03.CSS 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\SPRING.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Earthy.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SLINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePage.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBAR.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_70.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\it\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187851.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR28F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152560.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupiconsmask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\LICENSE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLWVW.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\INFOMS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00726_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\STOCKS.DAT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00670_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.HXS 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.war 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\COIN.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\La_Paz 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\dcpr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00524_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRLEX.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmplayer.exe.mui 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Menominee 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14581_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Khandyga 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\core_visualvm.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libimage_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\System\msadc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107526.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Recife 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PICSTYLES.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CRT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSRuntimeUI.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPrintTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIcons.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-progress-ui.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guadalcanal 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099200.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01246_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-util-enumerations.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia_Banderas 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sl\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\WATER.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FS3BOX.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\PROFILE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll 3697516955.exe File opened for modification C:\Program Files\desktop.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\MSCONV97.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00956_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sa.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00392_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101860.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLR.SAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SIGN.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid_over.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PTXT9.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Eirunepe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Metro.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIconsMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBlankPage.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DOTS.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGN98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.core_2.3.5.v201308161310.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Merida 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ach\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\DAO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\si.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0197979.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382950.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Code_Signing_2001-4_CA.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid_over.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\README-JDK.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bg\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR16F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vevay 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Apex.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\jnwdui.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\INDST_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145168.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105244.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Waveform.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297185.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0217698.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21512_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImagesMask.bmp 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01015_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00013_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_F_COL.HXK 3697516955.exe File created C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Adelaide 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_id.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD05119_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_OliveGreen.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageSmall.jpg 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Mso Example Intl Setup File B.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105328.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SETLANG.EXE 3697516955.exe File created C:\Program Files (x86)\Uninstall Information\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01251_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pitcairn 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151061.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400004.PNG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\mlib_image.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00914_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLPERF.INI 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN105.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115865.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_es_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\pdmproxy100.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195772.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01849_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Xlate_Init.xsn 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierCloseButton.jpg 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\hu.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00685_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14996_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME45.CSS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLINTL32.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPTIRM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WCOMP98.POC 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Cairo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199483.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHigh.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_zh_CN.jar 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jaas_nt.dll 3697516955.exe File created C:\Program Files\Mozilla Firefox\fonts\Read_Me.txt 3697516955.exe File created C:\Program Files\Reference Assemblies\Microsoft\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\JPEGIM32.FLT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239975.WMF 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02957_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01354_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\jaccess.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui_3.106.0.v20140812-1751.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Mail\oeimport.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCDDSUI.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WPULQT98.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18224_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORM.DLL 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Icons\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.exe 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Acrofx32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE06049_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18231_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\HEADER.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Asia\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\JNTFiltr.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00142_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0282928.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\EXLIRM.XML 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\klist.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-compat.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106020.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WHIRL1.WMF 3697516955.exe File created C:\Program Files\Common Files\System\Ole DB\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ky\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198102.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0183168.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\OFFICE10.MMW 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_disable.gif 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\kaa.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\kk\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSDecWrp.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Origin.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_K_COL.HXK 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18222_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18248_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DOCL.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\SetupMetrics\20201028184006.pma 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\RMNSQUE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7EN.LEX 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\WinMail.exe 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00965_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02389_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Distinctive.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImages.jpg 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\br.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_65_ffffff_1x400.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\EVRGREEN.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01421_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01749_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\EXITEM.CFG 3697516955.exe File created C:\Program Files\Java\jre7\lib\deploy\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-threaddump.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00419_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0291984.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NL7MODELS000A.dll 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuala_Lumpur 3697516955.exe File created C:\Program Files\Uninstall Information\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21319_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\default.jfc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152894.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignleft.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\keytool.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\liblogo_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Temp\GUMBFA6.tmp\GoogleUpdateSetup.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099163.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178932.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0234000.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javafx.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.clusters 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Gibraltar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.lng 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212601.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pt-PT.pak 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\keystore\libfile_keystore_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18249_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GREETING.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106816.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00127_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLINTL32.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMSS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OnLineBusy.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Blog.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms_3.6.100.v20140422-1825.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.mshtml.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\Accessible.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericon.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OARTCONV.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00092_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\ATPVBAEN.XLAM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUB6INTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR42F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLMAPI32.DLL 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\travel.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103812.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304875.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCVDT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.SG.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0172067.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSWAVY.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15020_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Library\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser_64.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00513_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ViewHeaderPreview.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ACCTBOX.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-tw.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-5 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151045.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WITHCOMP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Training.potx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png 3697516955.exe File created C:\Program Files\7-Zip\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SUBMIT.JS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.Infopath.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099202.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD07761_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECURL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jmx.xml 3697516955.exe File opened for modification C:\Program Files\MountGet.php 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152606.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\TRANSMRR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfig.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boa_Vista 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-search.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_da.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00505_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\ACTIVITY.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\pt-br.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\localedata.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtobe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\koreus.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18246_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBE7INTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Newsprint.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\attention.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosefont.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IPEDITOR.DLL 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libprojectm_plugin.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\gfserrorfromgroove.ico 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\IRIS.INF 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java-rmi.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Creston 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Microsoft.Ink.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102984.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152708.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02127_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN010.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\verify.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099176.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341554.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03451_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10337_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUCRES.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msadrh15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosecolor.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PS2SWOOS.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignright.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\as_IN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\PST8PDT 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107730.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Couture.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14578_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jarsigner.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\messageboxerror.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\EXPTOOWS.XLA 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0205462.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0390072.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIconMask.bmp 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Civic.thmx 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.ini 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188667.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\server\classes.jsa 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099186.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02264_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SUMER_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCDDS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONTACTS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_GreenTea.gif 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignright.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Currie 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\RELAY.CER 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL001.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryMergeLetter.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicTSFrame.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00372_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\INLAUNCH.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityReport.Dotx 3697516955.exe File created C:\Program Files\Internet Explorer\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_20_666666_40x40.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00200_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341344.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\accessibility.properties 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Monterrey 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086420.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_OFF.GIF 3697516955.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-tools.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21520_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\FOLDER.ICO 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Niue 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-explorer.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\STRTEDGE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSStr32.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-font.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdav1d_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107158.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\Microsoft.Synchronization.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_ca.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\about.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-api.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\instrument.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Onix32.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239057.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UCT 3697516955.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00559_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LETTHEAD.XML 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\javafx-font.dll 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\FDFFile_8.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196354.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02470U.BMP 3697516955.exe File created C:\Program Files\Common Files\Services\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-modules.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00135_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382957.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_LightSpirit.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Edmonton 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\jamendo.luac 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\SketchIconImages.bmp 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_TW.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143744.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.bat 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107712.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152594.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00199_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POST98SP.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zy______.pfm 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\management.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libremap_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00524_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\REFEDIT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACEWSTR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01565_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\InformationIconMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Bissau 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-queries.xml 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\youtube.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00319_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107742.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAME.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL102.XML 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bogota 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Bucharest 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdate.cer 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01618_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30B.GIF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\PDIALOG.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01171_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00369_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145361.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_OFF.GIF 3697516955.exe File created C:\Program Files\MSBuild\Microsoft\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\REFINED.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\RICEPAPR.ELM 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_de.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\contbig.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets_1.0.0.v20140514-1823.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Cocos 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02312_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186362.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OIMG.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB10.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02223U.BMP 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\blocklist.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\resources.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\GMT 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\msvcr100.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libftp_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00828_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2iexp.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Abidjan 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novosibirsk 3697516955.exe File created C:\Program Files\Mozilla Firefox\uninstall\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157177.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21328_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR24F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\msdatasrc.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLMAIL.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\El_Aaiun 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_ON.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsHub_is.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\plugins.dat 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\MTEXTRA.TTF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01161_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuching 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00261_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241077.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386764.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01245_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\gfserrortogroove.ico 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7cm_es.dub 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\ktab.exe 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mr\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03513_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcor.dll 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47B.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\ado\msado27.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\lt.pak 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Perth 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png 3697516955.exe File created C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar 3697516955.exe File created C:\Program Files\Windows NT\TableTextService\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174952.JPG 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\prism-d3d.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_TW.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02810J.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OIS.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\WSS\1100.accdt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_elf.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATALOG.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\ECLIPSE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DVA.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02752G.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\ALARM.WAV 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\resources.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mspub.exe.manifest 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\en.ttt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\PAPYRUS.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04323_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185786.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\MINUS.GIF 3697516955.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00531L.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB01741L.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\REPTWIZ.POC 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryResume.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt_3.103.1.v20140903-1938.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-print.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\DATES.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02161_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GRINTL32.DLL.IDX_DLL 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_OFF.GIF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\SUMIPNTG.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00808_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBEMAIL.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunjce_provider.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Galapagos 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.APL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Winnipeg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107482.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18217_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\IPM.CFG 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199423.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMIMEE.CFG 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Toronto 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02522_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\DELIMWIN.FAE 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\send-email-16.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-remote.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382930.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0185604.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00732_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15171_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Off.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\iexplore.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libfingerprinter_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\SystemV\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\TOOT.WAV 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-execution.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\offset_window.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUB6INTL.REST.IDX_DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\idlj.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Cairo 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmono_plugin.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libchain_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01759_.WMF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14769_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01742_.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Canary 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-modules-profiler_visualvm.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21480_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGAD.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENV98.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6CDT 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\SY______.PFM 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\CR_EB8C7.tmp\setup.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0233070.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPDMCCore.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00194_.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pt-BR.pak 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\3RDPARTY 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker_1.1.200.v20131119-0908.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ms.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00260_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183174.WMF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\sl.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPORTS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\EmbeddedView.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextService.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03379I.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-text.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18237_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDREQ.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hu.pak 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\GRID_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195788.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZFORM.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveReport.dotx 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_wav_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSPTLS.DLL 3697516955.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0292152.WMF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Brisbane 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0284916.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\MLA.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateCore.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR16F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Issues.accdt 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png 3697516955.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00092_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CAMERA.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png 3697516955.exe File opened for modification C:\Program Files\TestWatch.mid 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.c 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01193_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14800_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.CSS 3697516955.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-join.avi 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\freebl3.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\access_output\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GREETING.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 3697516955.exe File created C:\Program Files (x86)\WindowsPowerShell\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\sbdrop.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00184_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_pressed.gif 3697516955.exe File created C:\Program Files\Java\jre7\lib\zi\Pacific\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\gui\libqt_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\ADMPlugin.apl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105332.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\OCEAN_01.MID 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\bdcmetadataresource.xsd 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.JP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\alt-rt.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libstats_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\soniccolorconverter.ax 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_window.html 3697516955.exe File created C:\Program Files (x86)\Google\Temp\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00419_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00687_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Oriel.thmx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MAIN.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\main.css 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvSOFT.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\WSS_DocLib.ico 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287643.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Angles.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MML2OMML.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00921_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\SKY.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Composite.xml 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\STARTUP\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Stationery\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\es-419.pak 3697516955.exe File created C:\Program Files\Windows Sidebar\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ko.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01478U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9B.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00098_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105506.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Urban.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21308_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\pt.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\npjp2.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\LEVEL.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IMPMAIL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.InfoPath.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Reykjavik 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\classfile_constants.h 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Athens 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradfun_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15172_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Class.zip 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcer.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36B.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZUSR12.ACCDU 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ERROR.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Makassar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\control\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoBeta.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_HK.properties 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libmpg123_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0293800.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-keymap.xml 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\docs.crx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\resources.jar 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101863.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSAEXP30.DLL 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\kab.txt 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\Timeline.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\epl-v10.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01332U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OWSCLT.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\mojo_core.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZX______.PFB 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107458.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0183290.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7wre_fr.dub 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.contexts_1.3.100.v20140407-1019.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2iexp.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Casual.css 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\en-US\wordpad.exe.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImageMask.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Curacao 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0148757.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15273_.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SOA.DLL 3697516955.exe File opened for modification C:\Program Files\Common Files\System\msadc\adcjavas.inc 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115868.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right_over.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB1B.BDR 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341645.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\ODBCR.SAM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageScript.js 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBARBLL.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.xml 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_ja.jar 3697516955.exe File opened for modification C:\Program Files\ShowResize.dot 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libglspectrum_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01243_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMaskSmall.bmp 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Thimphu 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santo_Domingo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00306_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Urban.thmx 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\Filters\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotionblur_plugin.dll 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02400_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_decreaseindent.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341455.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\background.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ADRESPEL.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chicago 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Salta 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+9 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mousedown.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02398U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_ja.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\oc\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMSL.ICO 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00158_.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-9 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107500.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUDIOSEARCHMAIN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\WIND.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kamchatka 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpnetwk.exe 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\CAPSULES.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0318448.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0186002.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHKEY.DAT 3697516955.exe File created C:\Program Files\Common Files\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWSHM.POC 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00121_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400005.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESNS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vienna 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00096_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GIFT.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rio_Branco 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\doclib.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro_3.4.200.v20130326-1254.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveDrop32x32.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hebron 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll 3697516955.exe File created C:\Program Files\Windows NT\Accessories\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEXBE.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Catamarca 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME05.CSS 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_globalstyle.css 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099161.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Trek.thmx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOUC.EXE 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\Read_Me.txt 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\bin\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\libEGL.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\PipelineSegments.store 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145212.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152884.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.XML 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-uisupport.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.exe 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPMediaSharing.dll.mui 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.jpg 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Green Bubbles.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD10890_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02371_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00212_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENVELOPE.DPV 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Belgrade 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-ui.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libkate_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02077_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\background.gif 3697516955.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-options-keymap.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\install.log 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_transcode_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\La_Paz 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libedummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Small_News.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0318804.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02296_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPICCAP.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCD98.POC 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libextract_plugin.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Pipeline.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdarem.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08758_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02437_.WMF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Matamoros 3697516955.exe File created C:\Program Files\VideoLAN\VLC\hrtfs\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152600.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239955.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\ACT3.SAM 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Riga 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSLIST.DLL 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Office 2.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSGR3EN.LEX 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\charsets.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00136_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187863.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309664.JPG 3697516955.exe File created C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\lgpllibs.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\PIXEL.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Services\verisign.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Text.zip 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+5 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\LASER.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLKIRM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyMergeLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00414_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_client.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153299.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15134_.GIF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199283.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR33F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImage.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ar.pak 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Oral 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00058_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\COPYRIGHT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\OARPMANR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00390_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099196.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152696.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14580_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\bdcmetadata.xsd 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\digest.s 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.zh_CN_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Accra 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\extensions\VLSub.luac 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Origin.thmx 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL054.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0175428.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6B.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.properties 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.DesignTime.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\oledb32r.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151055.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382947.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02285_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yakutat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\OFFISUPP.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\SERVWRAP.ASP 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ACE.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ReviewRouting_Review.xsn 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImageMask.bmp 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Windows Media Player\Skins\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01607U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00642_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14655_.GIF 3697516955.exe File opened for modification C:\Program Files\7-Zip\7z.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382965.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\attention.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Broken_Hill 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198494.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OFFRHD.DLL 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Stanley 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-api-visual.xml_hidden 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tirane 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00100_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086424.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0179963.JPG 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0286068.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00736_.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\axvlc.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086478.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vevay 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\vlc.mo 3697516955.exe File created C:\Program Files\Windows Media Player\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387604.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301050.WMF 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.exe.sig 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanPhotoAlbum.potx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.PL.XML 3697516955.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbynet.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Journal\JNWDRV.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\WISC30.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\ICE.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212957.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Attachments.jpg 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\nss3.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\jquery.jstree.js 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01297_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18241_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_COL.HXT 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Monrovia 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffd27a_256x240.png 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\mpvis.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341561.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\BUTTON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN001.XML 3697516955.exe File opened for modification C:\Program Files\ConvertFromComplete.mhtml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\sa-jdi.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-api.xml 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\visualization\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Petersburg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libdeinterlace_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241019.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15272_.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPreviewTemplate.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00454_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00656_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02261_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15169_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENV11.POC 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\nio.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-6 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02423_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\FONTSCHM.INI 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR32F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHighMask.bmp 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Indianapolis 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287019.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Black Tie.xml 3697516955.exe File created C:\Program Files (x86)\Windows NT\Accessories\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107746.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+2 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\2d.x3d 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPDMC.exe 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\THROAT.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBCALSO.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_zh_CN.jar 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\Read_Me.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_07.MID 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\pa-in.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Inuvik 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.ja_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxslt.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Swift_Current 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa37.hyp 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107042.WMF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00042_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\Discussion.gta 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Beirut 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\v8_context_snapshot.bin 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXC 3697516955.exe File created C:\Program Files (x86)\Microsoft.NET\Read_Me.txt 3697516955.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libmft_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePage.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SSGEN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Priority.accft 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-api.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Concourse.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Perspective.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\VC\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\zip.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR20F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\XLSLICER.DLL.IDX_DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewFrame.html 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ku-ckb.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-threaddump.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaora.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02058U.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0183328.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18190_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18200_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7wre_es.dub 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\cacerts 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198234.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS.HXS 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR13F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ModifiedTelespace.ico 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sv.pak 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Photo Viewer\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\psfontj2d.properties 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libaribcam_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\logsession.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105638.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02444_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBCONV.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN048.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287642.JPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Rome 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10253_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB6.BDR 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\COUGH.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\HEADER.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00191_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DissolveAnother.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\msitss55.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\THMBNAIL.PNG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101861.BMP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107528.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Formal.dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKACCS.ICO 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services_3.4.0.v20140312-2051.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188587.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0205582.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.bfc 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00132_.WMF 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\libEGL.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\APPT.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\SNET.NET.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105390.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosecolor.gif 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Panama 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libsapi_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02068_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0278702.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL108.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\ParentMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Colombo 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\EXPEDITN.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102002.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0149118.JPG 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hebron 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Tell_City 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Christmas 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Tucuman 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01244_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaws.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup-impl.jar 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\liboldmovie_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099183.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215210.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImagesMask.bmp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+6 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mset7en.kic 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\lij.txt 3697516955.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\art\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01167_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105286.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02041_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL016.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\EURO\MSOEURO.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Macquarie 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ka\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DW\DWTRIG20.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\VelvetRose.css 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\newgrounds.luac 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll 3697516955.exe File created C:\Program Files\Windows Portable Devices\Read_Me.txt 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00160_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099197.GIF 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\Triedit\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXT 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\RECYCLE.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-windows.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239965.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_dummy_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_ja.jar 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpnscfg.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00334_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292270.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hardware Tracker.fdt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SHAREPOINTPROVIDER.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-nodes.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-execution.xml 3697516955.exe File created C:\Program Files (x86)\Internet Explorer\SIGNUP\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293234.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\INFINTL.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBOX.DPV 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0214098.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\EXPEDITN.ELM 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.properties 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\COMPASS.ELM 3697516955.exe File opened for modification C:\Program Files\Google\Chrome\Application\86.0.4240.111\eventlog_provider.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0230876.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\WORDIRM.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Class.zip 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Paper.thmx 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\OrangeCircles.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\MSB1ESEN.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Paper.eftx 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\mn.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Irkutsk 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kaliningrad 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLOGO.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticnotification.exsd 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sl.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21399_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR27F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\CAN.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ACCSBAR.POC 3697516955.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-H 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\hxdsui.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ENVELOPR.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\validation.js 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\be\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107290.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182888.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01295_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Apex.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNote.gpd 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\PINELUMB.HTM 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\af\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-views.xml 3697516955.exe File opened for modification C:\Program Files\Windows Mail\MSOERES.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSClientDataMgr\MSCDM.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03331_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\sunmscapi.dll 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\README.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcer.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02071_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02417_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_F_COL.HXK 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PEOPLEDATAHANDLER.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_MediumMAsk.bmp 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Bougainville 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.jpg 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\mscss7en.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBHD.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STRBRST.POC 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunmscapi.dll 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\Read_Me.txt 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Outlook.en-us\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178460.JPG 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\ga.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-lookup.xml 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01680_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN092.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Luis 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02270_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.NZ.XML 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_ja_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\release 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\XLICONS.EXE 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_zh_CN.jar 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\METCONV.TXT 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04384_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216858.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115856.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_off.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01629_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsftp_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107658.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01293_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Stationery\1033\OFFISUPP.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianReport.Dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.common_5.5.0.165303.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-windows.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libaudiobargraph_v_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\EVRGREEN.ELM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105348.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+2 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\settings.html 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292278.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02448_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Couture.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImages.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_OFF.GIF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\CASCADE.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00118_.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\VideoLAN Website.url 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107280.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\GRAY.pf 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.json 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLPERF.H 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\BUZZ.WAV 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsMacroTemplate.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+9 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.command_0.10.0.v201209301215.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196364.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLADDR.FAE 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_choosecolor.gif 3697516955.exe File opened for modification C:\Program Files\Internet Explorer\F12Resources.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199475.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00560_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\ODeploy.exe 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Damascus 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\bn_IN\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Casey 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guyana 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02791_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\conticon.gif 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.pb_2.3.5.v201404071733.jar 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MP00021_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216516.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_K_COL.HXK 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask.wmv 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IEAWSDC.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPAPERS.INI 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174639.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIcon.jpg 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLPROXY.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+10 3697516955.exe File opened for modification C:\Program Files\DVD Maker\sonicsptransform.ax 3697516955.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chuuk 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpshare.exe 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00458_.WMF 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR36F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RECL.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR12F.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belize 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hong_Kong 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_setid_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297759.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14984_.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsimport.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\javafx-iio.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado25.tlb 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SketchPadTestSchema.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\Office Word 2003 Look.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Jamaica 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_smem_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDCNCL.CFG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_hyperlink.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\SLERROR.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png 3697516955.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099174.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSRuntime.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\misc.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\license.html 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-uihandler.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansDemiBold.ttf 3697516955.exe File opened for modification C:\Program Files\Windows Journal\InkSeg.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port_of_Spain 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02361_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00170_.WMF 3697516955.exe File created C:\Program Files (x86)\Microsoft Office\Office14\XLSTART\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\EquityFax.Dotx 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\decora-sse.dll 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\mozavcodec.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\Office64MUISet.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageStyle.css 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jvisualvm.exe 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+5 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\SONORA.INF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsColorChart.html 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Edmonton 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+8 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png 3697516955.exe File created C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pago_Pago 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0213449.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR37F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2F.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL048.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103850.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287645.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03425I.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115843.GIF 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ceuta 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Danmarkshavn 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\wmpnssci.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_GreenTea.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\webbase.xml 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACECORE.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.WIH 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Composite.eftx 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.dll 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msador15.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lt.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Generic.css 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\LASER.WAV 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240811.profile.gz 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20131211-1531.jar 3697516955.exe File opened for modification C:\Program Files\Mozilla Firefox\nssckbi.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00008_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0196400.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199805.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21297_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\IPEDINTL.DLL 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Maldives 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02218_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4F.GIF 3697516955.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png 3697516955.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\CGMIMP32.HLP 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BREAK.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director_2.3.100.v20140224-1921.jar 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\PREVIEW.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14844_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLN.DOC 3697516955.exe File created C:\Program Files\Common Files\System\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL090.XML 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vocaroo.luac 3697516955.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\1033\FPEXT.MSG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00723_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00217_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\TURABIAN.XSL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_ON.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Budapest 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.DPV 3697516955.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-TW.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\MMSS.ICO 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\StopIconMask.bmp 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png 3697516955.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\DataMatrix.pmp 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.htm 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00164_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0158071.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00052_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01040_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveMergeLetter.dotx 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet_3.0.0.v201112011016.jar 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_zh_CN.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Copenhagen 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090783.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107146.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\VelvetRose.css 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BS4BOXES.POC 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\LoginDialogBackground.jpg 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Seoul 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_ja.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkDrop32x32.gif 3697516955.exe File created C:\Program Files\VideoLAN\VLC\locale\sk\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ts_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ieinstal.exe 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\GWE.ICO 3697516955.exe File opened for modification C:\Program Files\7-Zip\Lang\bn.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL093.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Grand_Turk 3697516955.exe File created C:\Program Files\Microsoft Office\Office14\1033\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bangkok 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107342.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSTORES.DLL 3697516955.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\WinMail.exe.mui 3697516955.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-io-ui.xml 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Vostok 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IE.XML 3697516955.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\logs\maintenanceservice-install.log 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Juneau 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02431_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\DELETE.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\Notebook03.onepkg 3697516955.exe File created C:\Program Files (x86)\WindowsPowerShell\Modules\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151073.WMF 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Center 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaprsr.dll.mui 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\net.dll 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\net.properties 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_off.gif 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.PH.XML 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Warsaw 3697516955.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmplayer.exe.mui 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\STUBBY2.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099152.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0252669.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01474_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14539_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.bat 3697516955.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Sydney 3697516955.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\README.HTM 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.OPG 3697516955.exe File created C:\Program Files (x86)\Microsoft Synchronization Services\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yakutat 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152430.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE06450_.WMF 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\host.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ADD.GIF 3697516955.exe File created C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\Desktop\Read_Me.txt 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_zh_4.4.0.v20140623020002.jar 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\ssvagent.exe 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\reader\filename.luac 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00526_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00915_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152690.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01569_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnWD.dll 3697516955.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 3697516955.exe File opened for modification C:\Program Files\Windows Journal\Templates\Music.jtp 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15022_.GIF 3697516955.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html 3697516955.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\vlc.mo 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03014_.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18193_.WMF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115876.GIF 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CURRENCY.JPG 3697516955.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.SE.XML 3697516955.exe File opened for modification C:\Program Files\Java\jre7\bin\t2k.dll 3697516955.exe -
Drops file in Windows directory 14 IoCs
Processes:
msiexec.exedescription ioc Process File created C:\Windows\Installer\f755a21.mst msiexec.exe File opened for modification C:\Windows\Installer\MSI5C53.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI624D.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI8F88.tmp msiexec.exe File opened for modification C:\Windows\Installer\ msiexec.exe File opened for modification C:\Windows\Installer\MSI969D.tmp msiexec.exe File opened for modification C:\Windows\Installer\f755a24.ipi msiexec.exe File opened for modification C:\Windows\Installer\f755a21.mst msiexec.exe File opened for modification C:\Windows\Installer\MSI7B3B.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI8D07.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI9083.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI6588.tmp msiexec.exe File created C:\Windows\Installer\f755a24.ipi msiexec.exe File opened for modification C:\Windows\Installer\MSI91CB.tmp msiexec.exe -
Modifies data under HKEY_USERS 3 IoCs
Processes:
msiexec.exedescription ioc Process Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\25\52C64B7E msiexec.exe Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\25 msiexec.exe Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\26 msiexec.exe -
Modifies registry class 35 IoCs
Processes:
explorer.exeexplorer.exemsiexec.exeexplorer.exedescription ioc Process Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_Classes\Local Settings explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\edit msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\open\command msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\DefaultIcon msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\DefaultIcon\ = "\"%1\"" msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_Classes\Local Settings explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\open msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\DefaultIcon msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_Classes\Local Settings explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit\command msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\edit\command msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit\command\ = "\"C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLED.EXE\" /verb edit \"%1\"" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open\command\ = "\"C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLED.EXE\" /verb open \"%1\"" msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open\command msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler\ = "{AB968F1E-E20B-403A-9EB8-72EB0EB6797E}" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe -
Suspicious behavior: EnumeratesProcesses 4554 IoCs
Processes:
3697516955.exepid Process 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1292 msiexec.exe 1292 msiexec.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe 1568 3697516955.exe -
Suspicious behavior: GetForegroundWindowSpam 2 IoCs
Processes:
explorer.exeexplorer.exepid Process 1592 explorer.exe 364 explorer.exe -
Suspicious behavior: RenamesItself 1 IoCs
Processes:
3697516955.exepid Process 1568 3697516955.exe -
Suspicious use of AdjustPrivilegeToken 144 IoCs
Processes:
explorer.exeAUDIODG.EXEmsiexec.exeexplorer.exedescription pid Process Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: 33 948 AUDIODG.EXE Token: SeIncBasePriorityPrivilege 948 AUDIODG.EXE Token: 33 948 AUDIODG.EXE Token: SeIncBasePriorityPrivilege 948 AUDIODG.EXE Token: SeShutdownPrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeIncreaseQuotaPrivilege 1504 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeSecurityPrivilege 1292 msiexec.exe Token: SeCreateTokenPrivilege 1504 explorer.exe Token: SeAssignPrimaryTokenPrivilege 1504 explorer.exe Token: SeLockMemoryPrivilege 1504 explorer.exe Token: SeIncreaseQuotaPrivilege 1504 explorer.exe Token: SeMachineAccountPrivilege 1504 explorer.exe Token: SeTcbPrivilege 1504 explorer.exe Token: SeSecurityPrivilege 1504 explorer.exe Token: SeTakeOwnershipPrivilege 1504 explorer.exe Token: SeLoadDriverPrivilege 1504 explorer.exe Token: SeSystemProfilePrivilege 1504 explorer.exe Token: SeSystemtimePrivilege 1504 explorer.exe Token: SeProfSingleProcessPrivilege 1504 explorer.exe Token: SeIncBasePriorityPrivilege 1504 explorer.exe Token: SeCreatePagefilePrivilege 1504 explorer.exe Token: SeCreatePermanentPrivilege 1504 explorer.exe Token: SeBackupPrivilege 1504 explorer.exe Token: SeRestorePrivilege 1504 explorer.exe Token: SeShutdownPrivilege 1504 explorer.exe Token: SeDebugPrivilege 1504 explorer.exe Token: SeAuditPrivilege 1504 explorer.exe Token: SeSystemEnvironmentPrivilege 1504 explorer.exe Token: SeChangeNotifyPrivilege 1504 explorer.exe Token: SeRemoteShutdownPrivilege 1504 explorer.exe Token: SeUndockPrivilege 1504 explorer.exe Token: SeSyncAgentPrivilege 1504 explorer.exe Token: SeEnableDelegationPrivilege 1504 explorer.exe Token: SeManageVolumePrivilege 1504 explorer.exe Token: SeImpersonatePrivilege 1504 explorer.exe Token: SeCreateGlobalPrivilege 1504 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeIncreaseQuotaPrivilege 1592 explorer.exe Token: SeCreateTokenPrivilege 1592 explorer.exe Token: SeAssignPrimaryTokenPrivilege 1592 explorer.exe Token: SeLockMemoryPrivilege 1592 explorer.exe Token: SeIncreaseQuotaPrivilege 1592 explorer.exe Token: SeMachineAccountPrivilege 1592 explorer.exe Token: SeTcbPrivilege 1592 explorer.exe Token: SeSecurityPrivilege 1592 explorer.exe Token: SeTakeOwnershipPrivilege 1592 explorer.exe Token: SeLoadDriverPrivilege 1592 explorer.exe Token: SeSystemProfilePrivilege 1592 explorer.exe Token: SeSystemtimePrivilege 1592 explorer.exe Token: SeProfSingleProcessPrivilege 1592 explorer.exe Token: SeIncBasePriorityPrivilege 1592 explorer.exe Token: SeCreatePagefilePrivilege 1592 explorer.exe Token: SeCreatePermanentPrivilege 1592 explorer.exe Token: SeBackupPrivilege 1592 explorer.exe Token: SeRestorePrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeDebugPrivilege 1592 explorer.exe Token: SeAuditPrivilege 1592 explorer.exe Token: SeSystemEnvironmentPrivilege 1592 explorer.exe Token: SeChangeNotifyPrivilege 1592 explorer.exe Token: SeRemoteShutdownPrivilege 1592 explorer.exe Token: SeUndockPrivilege 1592 explorer.exe Token: SeSyncAgentPrivilege 1592 explorer.exe Token: SeEnableDelegationPrivilege 1592 explorer.exe Token: SeManageVolumePrivilege 1592 explorer.exe Token: SeImpersonatePrivilege 1592 explorer.exe Token: SeCreateGlobalPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeShutdownPrivilege 1592 explorer.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeRestorePrivilege 1292 msiexec.exe Token: SeTakeOwnershipPrivilege 1292 msiexec.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe Token: SeShutdownPrivilege 364 explorer.exe -
Suspicious use of FindShellTrayWindow 66 IoCs
Processes:
DllHost.exeexplorer.exeexplorer.exeexplorer.exepid Process 1088 DllHost.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe -
Suspicious use of SendNotifyMessage 69 IoCs
Processes:
explorer.exeexplorer.exeexplorer.exepid Process 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1504 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 1592 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe 364 explorer.exe -
Suspicious use of WriteProcessMemory 28 IoCs
Processes:
Photo-125-137.jpg.scr17078.exewinsvcs.exemsiexec.exedescription pid Process procid_target PID 1688 wrote to memory of 564 1688 Photo-125-137.jpg.scr 31 PID 1688 wrote to memory of 564 1688 Photo-125-137.jpg.scr 31 PID 1688 wrote to memory of 564 1688 Photo-125-137.jpg.scr 31 PID 1688 wrote to memory of 564 1688 Photo-125-137.jpg.scr 31 PID 1688 wrote to memory of 680 1688 Photo-125-137.jpg.scr 34 PID 1688 wrote to memory of 680 1688 Photo-125-137.jpg.scr 34 PID 1688 wrote to memory of 680 1688 Photo-125-137.jpg.scr 34 PID 1688 wrote to memory of 680 1688 Photo-125-137.jpg.scr 34 PID 680 wrote to memory of 1804 680 17078.exe 35 PID 680 wrote to memory of 1804 680 17078.exe 35 PID 680 wrote to memory of 1804 680 17078.exe 35 PID 680 wrote to memory of 1804 680 17078.exe 35 PID 1804 wrote to memory of 1568 1804 winsvcs.exe 37 PID 1804 wrote to memory of 1568 1804 winsvcs.exe 37 PID 1804 wrote to memory of 1568 1804 winsvcs.exe 37 PID 1804 wrote to memory of 1568 1804 winsvcs.exe 37 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1872 1292 msiexec.exe 42 PID 1292 wrote to memory of 1532 1292 msiexec.exe 44 PID 1292 wrote to memory of 1532 1292 msiexec.exe 44 PID 1292 wrote to memory of 1532 1292 msiexec.exe 44 PID 1292 wrote to memory of 1532 1292 msiexec.exe 44 PID 1292 wrote to memory of 1532 1292 msiexec.exe 44
Processes
-
C:\Users\Admin\AppData\Local\Temp\Photo-125-137.jpg.scr"C:\Users\Admin\AppData\Local\Temp\Photo-125-137.jpg.scr" /S1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1688 -
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c start C:\Users\Admin\AppData\Local\Temp\25547.jpg2⤵PID:564
-
-
C:\Users\Admin\AppData\Local\Temp\17078.exeC:\Users\Admin\AppData\Local\Temp\17078.exe2⤵
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of WriteProcessMemory
PID:680 -
C:\4281278655928\winsvcs.exeC:\4281278655928\winsvcs.exe3⤵
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
- Suspicious use of WriteProcessMemory
PID:1804 -
C:\Users\Admin\AppData\Local\Temp\3697516955.exeC:\Users\Admin\AppData\Local\Temp\3697516955.exe4⤵
- Executes dropped EXE
- Modifies extensions of user files
- Loads dropped DLL
- Drops desktop.ini file(s)
- Enumerates connected drives
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: RenamesItself
PID:1568
-
-
-
-
C:\Windows\SysWOW64\DllHost.exeC:\Windows\SysWOW64\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}1⤵
- Suspicious use of FindShellTrayWindow
PID:1088
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Drops desktop.ini file(s)
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1504
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x4801⤵
- Suspicious use of AdjustPrivilegeToken
PID:948
-
C:\Windows\system32\msiexec.exeC:\Windows\system32\msiexec.exe /V1⤵
- Enumerates connected drives
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1292 -
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding 1527246EA7059FADA727A3AA7132495E2⤵
- Loads dropped DLL
PID:1872
-
-
C:\Windows\system32\MsiExec.exeC:\Windows\system32\MsiExec.exe -Embedding 2EDE0356D3DBB64E16A0314313F8C7D42⤵
- Loads dropped DLL
PID:1532
-
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Modifies service
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1592
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Modifies service
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:364
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
MD5
c4f7ad9cdb934e4414e2cf58eb0062d1
SHA130268fc11e0ef7e54e219ef0dee3b75734a85c67
SHA2563ee3db80ebec5075b9dfb525f00bc9a494af450a9d650c995fbe01e0ec2c84b8
SHA5125259699a3a075d41928ec8079e0bdef33176261cc4d63f3287377cc58f01f755468a850abb1c2552245dfb2814c9245f7ff0b77620fd669661ff8edf8cf83a38
-
MD5
c4f7ad9cdb934e4414e2cf58eb0062d1
SHA130268fc11e0ef7e54e219ef0dee3b75734a85c67
SHA2563ee3db80ebec5075b9dfb525f00bc9a494af450a9d650c995fbe01e0ec2c84b8
SHA5125259699a3a075d41928ec8079e0bdef33176261cc4d63f3287377cc58f01f755468a850abb1c2552245dfb2814c9245f7ff0b77620fd669661ff8edf8cf83a38
-
MD5
c4f7ad9cdb934e4414e2cf58eb0062d1
SHA130268fc11e0ef7e54e219ef0dee3b75734a85c67
SHA2563ee3db80ebec5075b9dfb525f00bc9a494af450a9d650c995fbe01e0ec2c84b8
SHA5125259699a3a075d41928ec8079e0bdef33176261cc4d63f3287377cc58f01f755468a850abb1c2552245dfb2814c9245f7ff0b77620fd669661ff8edf8cf83a38
-
MD5
c4f7ad9cdb934e4414e2cf58eb0062d1
SHA130268fc11e0ef7e54e219ef0dee3b75734a85c67
SHA2563ee3db80ebec5075b9dfb525f00bc9a494af450a9d650c995fbe01e0ec2c84b8
SHA5125259699a3a075d41928ec8079e0bdef33176261cc4d63f3287377cc58f01f755468a850abb1c2552245dfb2814c9245f7ff0b77620fd669661ff8edf8cf83a38
-
MD5
2c871b95d6dcb52d999f3be6c74a6373
SHA1e37a1339851d1c1dada95dcf38ee613c8ee26199
SHA25690dd20d0e75dcb3c9ee35b5959d7fc3327377aaf44e2496a73aae19efcfc5e68
SHA512867ea3b1d04e3c8c3c6c1019567e05fd925e57f27bb6c61e4244fd9ed085c4cf84f193f3fcf292dc3404e82414ad7770fdd79bca5c94e0ff5c32c16bc742df8e
-
MD5
7d52884b375ce8b6182f1c53f0f1c496
SHA16b70e90b0dada8d93c61caa678e76ce2abcbc76b
SHA2569c48e8a5f83614f685249486a13a8a132660f37d11c5f55581414dbf02091021
SHA51224350255bda3672cce0ff22221e5973cd69f5b8470eb642e9679c3c006716271af8f32a2d4ee5309949c746eb9cb15bba411052fd4935a2a2b436501c7b4a515
-
MD5
7d52884b375ce8b6182f1c53f0f1c496
SHA16b70e90b0dada8d93c61caa678e76ce2abcbc76b
SHA2569c48e8a5f83614f685249486a13a8a132660f37d11c5f55581414dbf02091021
SHA51224350255bda3672cce0ff22221e5973cd69f5b8470eb642e9679c3c006716271af8f32a2d4ee5309949c746eb9cb15bba411052fd4935a2a2b436501c7b4a515
-
MD5
78fb79f91cf77d067ed2d665f06292b5
SHA1384396e6e88336165d42afd36373eb80d6300811
SHA256fc12155935f220444d12eb4aa3019fb30f9df9f1217f0b519115bae052108a43
SHA512f4f4048781bafafd96c26c1bb502ca952452f808ab442440df2f2e06711cc943ce834af4193fc2e52b0f55e0221446466fdc43dd4f622769f4541361040a5ad9
-
MD5
ae6e2c7826d9c7c475755724f472da4a
SHA138bb484338f179fe6ed9b671fabc10e6da246053
SHA2562b9e75f79f96c9cfc885a0143b8da4f61565f27c0200390707febcd51b37dc9c
SHA5129aa325c5b3fca652e0b89ed3fa4430c1b6845b0d698832c2a701a017b37dfe15fd001560aa70cdcdbc3d3cd880a3ce788095d61cf23f3a4de214e3f96a79e35c
-
MD5
aa3b8436ec1c60cdd210837da3edec37
SHA1824912a01851ac7b1a5c58ea3b1deec966132368
SHA256cf94f55bb08c751668ab5d53bdfd70d31531fa4edf52749907d9cc6ea67b185b
SHA5120f42316717e204593b2ea2f5201b9da826ac53f2b6fdeb6b0cf050e987eabe08da365c7b012c0a92ebe2a07b2120c330fdab439f6e325670d0e1954c8333304c
-
MD5
ec70d0ed822936e00f12a1d64242e46a
SHA13b90de9145fea3a44fe7808bfc569752938a4c9a
SHA256690e52b4ecf14eb0774580ed4b7794b72afa8fefc607c17b944cffb2b868face
SHA512806cb8c2168b7148106a0ebb94301d5eb76d77b0a037ca50f6567c609aa2b484b4dfd160877d98f87d4c6d26f5ca03f4af03f80e0b49c54dd9c5214026e55a6c
-
MD5
b6ece3649ee2209703d0d1c2ca909c92
SHA1099903e40afc95e2b2e3f8d809b01a0d4c6f86e7
SHA256d265bd3f14867f9580dee643c09e93c40fc0518c2e6f592e4c168a01b8c58b2c
SHA5122242829e1525bee75762b1a5d45e6ef425009f6ed4dfa3d147cc25e0c85cd16b867346d47b70af7ccd0ed0bb37d00f26f0fb42e461983a158abdb74ce2286536
-
MD5
381c275f3674ee82c214c3cfe9c0b81a
SHA170375d272867dc45565cd9ca79f9bf2de6559a7e
SHA256c99350ab904ad487587185b159fddd6d2156c97b39ad98462c21e15b67df2dd0
SHA512d22ac1f459f8523f0a2c064fac6930c3381dcdd29ed1de6c3e086469668198a7089b53e0f53136597fc68cb6188f28d70427bf5629443d2eab6bd65c110eeb83
-
MD5
23a8e096bf0b1e443d30772a1a0b516d
SHA148f324d086e60be4502c1001e2d3f7831e0a2c52
SHA2563d769af422d79e311c230da80a6cdd33e0a644473584d74c60c1e22388efc152
SHA512937c12a7d56525e3b22cc372265b74c34ede7393162df2735c5f120c411cebe08bd50949bbc961ff2c48bfd6d245141981717cf278b1a54395e212fcb089c915
-
MD5
a110a45bc0a2ab77f5d8f45eea2b5c0b
SHA1ecbe9cd71a22b1d3f2a7d2dc41b2f07ef70131a3
SHA256b3b80a7e386e1eb0b0a8b0961ac31dd24e7fc9625d4f8bd0b9e362e1e84f4546
SHA5124d39aca4b5b49ac29db73719331350ad9f87febfadb7e6ac106efab011effbd26fecb465657849bd0f97eedb5485c32c4fcb71d828f7c7a8cf3f780542a765d3
-
MD5
462e48ac678631b5d6b2476559fb422b
SHA174bf9246a710e2f7a95b641cf39b9555b66f27e1
SHA256b364c8495356980e0dd7b1d3af39ae12aee27bc9f1393b8c519cc54f59531841
SHA51245e1eff3175da4582d13d7e9f11a499c2e1646f5d391a3f66d9909caaf59ff93b1be3633abf3dfcf46150a3abffe3f1e55fddb5c3ec5b95eb623b4cce1a35622
-
MD5
b409256e2cda6e80af299d69e33787d0
SHA116a80baa32eb9be6ac8c551155fec43bd660b485
SHA25670eb164f30cf68f897e6f4c9106d52509978ac0e31684fc7fdcca88815373bf0
SHA512a546261bbedcbc0ec0bf6ccb42f47a2480f73c6801ff11f40230dc38306c1e9e3446ceea51939ad89507c85e653502a08e88eefe40a3179fb7ecb44b7b76cb89
-
MD5
d7b05a96d0d7f4750b01e28c9e0c119e
SHA172b0559b3858cf5385540c58e5ff8876e5843d05
SHA2568308a224db2f76f9671bc9eb6bf2c0672e4811ac4cc59003289ebe4139aaef1d
SHA5124765cf9d2238728a40d31528623cd8ca844e147d7378016d51caafc90128553fcc3c0640e8117173b05b30af2bd8b49ac6a54c248557c487aeac293066e4f5c5
-
MD5
d0a994db4a90bf8b4c4cd9069e99c57f
SHA1e8167ae772d1da9f32e746bd7ce82792f3efa8f4
SHA256cd32f99ecbb9eb2af8fc0fe3217c8ddbef4291bf3224a8f5e58b833e4e59766b
SHA5121cb8ee46c5dabc23fa9b5b2031958b1defeadc57e3b00e1567f50665450ba6852f58bcc697e0c4b4d70f8292e95a5b0b68ceef4e8fc904b4422c21bb66a41aa7
-
MD5
78fb79f91cf77d067ed2d665f06292b5
SHA1384396e6e88336165d42afd36373eb80d6300811
SHA256fc12155935f220444d12eb4aa3019fb30f9df9f1217f0b519115bae052108a43
SHA512f4f4048781bafafd96c26c1bb502ca952452f808ab442440df2f2e06711cc943ce834af4193fc2e52b0f55e0221446466fdc43dd4f622769f4541361040a5ad9
-
MD5
31e94581c8ed58b6226d95877da41628
SHA1a93bc9b8903d33e7cd0e2edcff03af2d258ec070
SHA256c39619dbfb2a54767d760e0c2d61d2379ca489da288109f30e1a7b015a81ee58
SHA512e1c4f00621b5b8a400c7012f7b3948d69373429672269491d44fb11620c33b081b00fe464495a986fa44576cc211ccaa0dc21f340e8a0e0841c2d35703899b8c
-
MD5
064e112620ffeb0fa741fd15dadbfe29
SHA1f59759fc07c46af0252ebee9cc38f317c19ee55f
SHA2568400ec9924d1be0918d7d5fea035e1be799a369ce7e1e7ea6a076d1a9a8ab429
SHA512356f74f7c3fca6c9d5579fbd552135abe1094779a8427b10be90e767bd3e6a1c29ff25345b2313ee53782d207e0dddf3249d1e4d06d045087f6f2681d32f9284
-
MD5
9fb5562dffe13bca961018df6fd4a311
SHA19936cd017c915f2d89c07f27c086357039d28f25
SHA25601a84e0260efe1f41a21203e8434de888914fb73c016c477d0cf659d3e8e4094
SHA5125c3a04c7044edcb7fab158c2c65384ce5403db30eee4e65235bc37147c7a3e19ab45c6d9c4eac9432a4582e89db9d015179a7bdc1c259296fea181e2743f7a00
-
MD5
7eaf0b7cdb3b910888d4e728762a8e6d
SHA1a3ed76e130bc78b6f3b39a95855873dc6db09aa6
SHA2562e6753f167dd314ad7f12f603fdc5ad543acbd02f6ef5b0e7299d296bbe287d2
SHA51208fad952451b17f985b731717649bc7381db0aff1245ede400f7f1af2c4f86a909b2615a8c0545e661fa77f7c3d3bdcb4ae0826f75902d818414255709dfba1c
-
MD5
4b3326a0a0f5ceb2f62fafa1803bfd31
SHA16dc88042182a36266006eae120915aabd7a6bf09
SHA2560003e034c5944e87b72b648be2899fe30d6ce2906abaab12a026b7c2a6343db7
SHA512bb5d1816dd8cf62537e7e39bbe2aae6d089076a4c2bdb093fa102d0360071b07cecae6880ee956d1c0f17bab082ee99d09b78c7962260c9125bcd90babee7dc9
-
MD5
1ac8dbbc7d922f0ae1baad81c76a3955
SHA191eb9118f0f518633aa8ef262906ed6b3a2ba744
SHA256e3c7528dbb9ccd026911de7e09b276ba5bac2512b9505d8650d546419660959c
SHA512ce25f1e078e8eb91eecd4ab034544ff5c72ac8b10c97d35b9137a21cb15e84b04be9d391dcc328bc0826110ca5ae60f235b46bc63836e5e1cda688fc86b9baac
-
MD5
c72efec6e1b9bde30674dd7e6ede2ebd
SHA12b7349b916a5ef65f2b72bf74b01b1a9a3fc7539
SHA256831b90c25ca874df5303e553d853b73cd34d773672433eb9653fe9b7c07c8000
SHA5120cd707938f77d94a7edcbd9ccef44d610815427911f406979e8832e16da9dc7f97db1604df7b478b39e0e59d5a3277a045d1601f9e7ee4642a23ac514feb45e3
-
MD5
1c602cf0057be4c84d837cce62b226e1
SHA112fef0fed9d153fbb2deccda8bfe69412e7deecb
SHA2560ffc05d3eddf2a9c1052af6c99ad302fe589a8f7ec1fb7858f21927da9ee5f49
SHA5125444e5ecf00a7b579c03663fca7f569178ff07453a93d391ec183b81ba658f5968517adaf078dc5721b27466299b872e675bd3ddb4a626bdc5ecb7ac3299a99f
-
MD5
55f370c92f64cb49a0d4ebdd7597af0a
SHA182a6778e587a932521c992cf93512a65a3bca145
SHA256da8526074436aa243f9dc244563f929d96b2acb71ec61073e889464b904667e6
SHA512142c61b2dde72ba546274c5c266508c3947b3e3edee50afd85ab644637edaf27e113694d6bb82cb124a1fa31e4d556e4bb2b91adec52e4f42421062ebffb33aa
-
MD5
e88ae7c6ea37943ed126a6793abddc20
SHA1106f35b42a9ae6301b8faaa54e9f66998f7dd34c
SHA2565bd6163cabc619961479f581a4fe7d813b86fc88a08b3b0cba626d3ddaa9b013
SHA51266fa9de4d9d0fbf5e90071f77f2109d87dcd8a71653e562479ec91522d631d152b5d5f2812b5e538ce6d10c1836566e5659c42dce0db9bf1ef50d8ef85c7018f
-
MD5
f264cf27e22912c0294db679bb0a516e
SHA116f996e32ce82c1bfb8c55c6ab1505bc386d0190
SHA256ca57e94ae21c1d2571a1d217dd3eb349c8fccb17856b9d5e6e7a3dcc499657d6
SHA51232cd971e827308220a18e7ce37c90601747f156cbe384d9a23262426e3a62bfa0da484d86bde352b1cc6343236ffce1943d6f609543b78da6c0e32d23b90f6d5
-
MD5
9e668f9968d90295df22debbbf1c1524
SHA1e75cabf2dc763a81f1a64a2b331ab75c5c93ab61
SHA256412542773e8f06a0cfcee08c3ea05728b7efe05ecabdb5a78279ddd0d629633a
SHA5122b9d023d7ecd9bf3bfea5e457cab0ea9c355ef0f78c4242c72844322d888ac309946c5826651421671fba933e753249bd6fc0fe55a0fface2dbdee1a2129431d
-
MD5
16c13c6d48aec73393cc5b5acfde39a1
SHA1a8908cba2fe6d2dee7e8cfb90095c2b8329c71ef
SHA256440099bd478c3043719c52194a3c9f4f0c9a48a4772e71884e575f9a13d7eba1
SHA512e14fece508c774f0cd35a5ec13f14c187eab0a2e3a1cd1dab6f730db06ba40d3d34d6aa7a2e0348e7e05f63d2e52bf4d4468ade6b8db84613fdf10d5bd7ffa38
-
MD5
12625b80c9706a57f1625a2e7690e0b9
SHA12582ed7f7e2f494eb13310c4e1fa8d0ebc519e32
SHA256c66c82f8698ebace02869b4fe663fc6d0e2b88780346110198081cbfe7780cb6
SHA512054b357b8d86510a35a8b844331edbf9ffde8da46073796b957a4fcc9e6491bc85f26cbcb20ba896a8c5e698cee8faaa69de9b0b0eb110651a9bd831ff1e95d8
-
MD5
78fb79f91cf77d067ed2d665f06292b5
SHA1384396e6e88336165d42afd36373eb80d6300811
SHA256fc12155935f220444d12eb4aa3019fb30f9df9f1217f0b519115bae052108a43
SHA512f4f4048781bafafd96c26c1bb502ca952452f808ab442440df2f2e06711cc943ce834af4193fc2e52b0f55e0221446466fdc43dd4f622769f4541361040a5ad9
-
MD5
92d84a003968e02c4ef1d4a69841522d
SHA17bb68ec510bb870603120d2f41f955e363be763f
SHA256a6c5b56981b03e99dcd96b16470803e9a1c2a17a0a3e4735fc44aee32b73355f
SHA51221b3aee3f1f1ab981a1f9c80294124edbee3b4a5bd44bf8298f8bb3cf3d8b73a42ce3c1a7b59077e688b30ffe939be6569b38b9b3c417759fe787489e3c9855b
-
MD5
b2e7c78c672b67d0b61207012979f399
SHA10766f399d1349467aa2e248f5af6b2d79b0b4431
SHA2564379f1a9a5a8392a33b1a0a52b315f8240245dfac8ef74671455047958bb5e81
SHA512d924b008371ba434ae04b2c16a108f7be39b0fa6d21a52ba0d2852f802163d0c2b7e322949ef955fade577e4435afa7e6595725d19f3eb9fb56e8ed7225ed4f3
-
MD5
d1f5ce6b23351677e54a245f46a9f8d2
SHA10d5c6749401248284767f16df92b726e727718ca
SHA25657cb8f01cf553c3886760180d1a74839f2f676640115504485aca9692f577acc
SHA512960e90894e7bedcc89894e77e57e8ee0c99dd2c530d02665e8bbd3a1793eccc1e295c5923d1f37c757fa1158097fbaae70898c16052882d3d210c29ea801b3ba
-
MD5
4a843a97ae51c310b573a02ffd2a0e8e
SHA1063fa914ccb07249123c0d5f4595935487635b20
SHA256727ecf287fb6f4953ee7748913dd559b4f8d3a022fa2ca55bc51cf5886c52086
SHA512905c081552d95b523ecf1155b6c7e157652e5ff00cda30c1c21124d266eb7d305c3398d6832316f403dc45d1b639f1a5a67aea29922cd1a032f52e5247ec55d2
-
MD5
4a843a97ae51c310b573a02ffd2a0e8e
SHA1063fa914ccb07249123c0d5f4595935487635b20
SHA256727ecf287fb6f4953ee7748913dd559b4f8d3a022fa2ca55bc51cf5886c52086
SHA512905c081552d95b523ecf1155b6c7e157652e5ff00cda30c1c21124d266eb7d305c3398d6832316f403dc45d1b639f1a5a67aea29922cd1a032f52e5247ec55d2
-
MD5
d1f5ce6b23351677e54a245f46a9f8d2
SHA10d5c6749401248284767f16df92b726e727718ca
SHA25657cb8f01cf553c3886760180d1a74839f2f676640115504485aca9692f577acc
SHA512960e90894e7bedcc89894e77e57e8ee0c99dd2c530d02665e8bbd3a1793eccc1e295c5923d1f37c757fa1158097fbaae70898c16052882d3d210c29ea801b3ba
-
MD5
85221b3bcba8dbe4b4a46581aa49f760
SHA1746645c92594bfc739f77812d67cfd85f4b92474
SHA256f6e34a4550e499346f5ab1d245508f16bf765ff24c4988984b89e049ca55737f
SHA512060e35c4de14a03a2cda313f968e372291866cc4acd59977d7a48ac3745494abc54df83fff63cf30be4e10ff69a3b3c8b6c38f43ebd2a8d23d6c86fbee7ba87d
-
MD5
33908aa43ac0aaabc06a58d51b1c2cca
SHA10a0d1ce3435abe2eed635481bac69e1999031291
SHA2564447faacefaba8f040822101e2a4103031660de9139e70ecff9aa3a89455a783
SHA512d5216a53df9cfbe1a78629c103286eb17042f639149c46b6a1cd76498531ae82afd265462fbe0ba9baaff275fc95c66504804f107c449f3fc5833b1ed9c3da46
-
MD5
4a843a97ae51c310b573a02ffd2a0e8e
SHA1063fa914ccb07249123c0d5f4595935487635b20
SHA256727ecf287fb6f4953ee7748913dd559b4f8d3a022fa2ca55bc51cf5886c52086
SHA512905c081552d95b523ecf1155b6c7e157652e5ff00cda30c1c21124d266eb7d305c3398d6832316f403dc45d1b639f1a5a67aea29922cd1a032f52e5247ec55d2
-
MD5
ff58cd07bf4913ef899efd2dfb112553
SHA1f14c1681de808543071602f17a6299f8b4ba2ae8
SHA2561afafe9157ff5670bbec8ce622f45d1ce51b3ee77b7348d3a237e232f06c5391
SHA51223e27444b6cdc17fe56f3a80d6325c2be61ae84213bc7cdaad7bb96daa7e8d2d3defc1b96c3cee4a3f32dc464b0e05720bcf1c0e99626bf83de1b6d5aac000a3
-
MD5
c4f7ad9cdb934e4414e2cf58eb0062d1
SHA130268fc11e0ef7e54e219ef0dee3b75734a85c67
SHA2563ee3db80ebec5075b9dfb525f00bc9a494af450a9d650c995fbe01e0ec2c84b8
SHA5125259699a3a075d41928ec8079e0bdef33176261cc4d63f3287377cc58f01f755468a850abb1c2552245dfb2814c9245f7ff0b77620fd669661ff8edf8cf83a38
-
MD5
c4f7ad9cdb934e4414e2cf58eb0062d1
SHA130268fc11e0ef7e54e219ef0dee3b75734a85c67
SHA2563ee3db80ebec5075b9dfb525f00bc9a494af450a9d650c995fbe01e0ec2c84b8
SHA5125259699a3a075d41928ec8079e0bdef33176261cc4d63f3287377cc58f01f755468a850abb1c2552245dfb2814c9245f7ff0b77620fd669661ff8edf8cf83a38
-
MD5
c4f7ad9cdb934e4414e2cf58eb0062d1
SHA130268fc11e0ef7e54e219ef0dee3b75734a85c67
SHA2563ee3db80ebec5075b9dfb525f00bc9a494af450a9d650c995fbe01e0ec2c84b8
SHA5125259699a3a075d41928ec8079e0bdef33176261cc4d63f3287377cc58f01f755468a850abb1c2552245dfb2814c9245f7ff0b77620fd669661ff8edf8cf83a38
-
MD5
a526b9e7c716b3489d8cc062fbce4005
SHA12df502a944ff721241be20a9e449d2acd07e0312
SHA256e1b9ce9b57957b1a0607a72a057d6b7a9b34ea60f3f8aa8f38a3af979bd23066
SHA512d83d4c656c96c3d1809ad06ce78fa09a77781461c99109e4b81d1a186fc533a7e72d65a4cb7edf689eeccda8f687a13d3276f1111a1e72f7c3cd92a49bce0f88
-
MD5
c4f7ad9cdb934e4414e2cf58eb0062d1
SHA130268fc11e0ef7e54e219ef0dee3b75734a85c67
SHA2563ee3db80ebec5075b9dfb525f00bc9a494af450a9d650c995fbe01e0ec2c84b8
SHA5125259699a3a075d41928ec8079e0bdef33176261cc4d63f3287377cc58f01f755468a850abb1c2552245dfb2814c9245f7ff0b77620fd669661ff8edf8cf83a38
-
MD5
7d52884b375ce8b6182f1c53f0f1c496
SHA16b70e90b0dada8d93c61caa678e76ce2abcbc76b
SHA2569c48e8a5f83614f685249486a13a8a132660f37d11c5f55581414dbf02091021
SHA51224350255bda3672cce0ff22221e5973cd69f5b8470eb642e9679c3c006716271af8f32a2d4ee5309949c746eb9cb15bba411052fd4935a2a2b436501c7b4a515
-
MD5
7d52884b375ce8b6182f1c53f0f1c496
SHA16b70e90b0dada8d93c61caa678e76ce2abcbc76b
SHA2569c48e8a5f83614f685249486a13a8a132660f37d11c5f55581414dbf02091021
SHA51224350255bda3672cce0ff22221e5973cd69f5b8470eb642e9679c3c006716271af8f32a2d4ee5309949c746eb9cb15bba411052fd4935a2a2b436501c7b4a515
-
MD5
d1f5ce6b23351677e54a245f46a9f8d2
SHA10d5c6749401248284767f16df92b726e727718ca
SHA25657cb8f01cf553c3886760180d1a74839f2f676640115504485aca9692f577acc
SHA512960e90894e7bedcc89894e77e57e8ee0c99dd2c530d02665e8bbd3a1793eccc1e295c5923d1f37c757fa1158097fbaae70898c16052882d3d210c29ea801b3ba
-
MD5
4a843a97ae51c310b573a02ffd2a0e8e
SHA1063fa914ccb07249123c0d5f4595935487635b20
SHA256727ecf287fb6f4953ee7748913dd559b4f8d3a022fa2ca55bc51cf5886c52086
SHA512905c081552d95b523ecf1155b6c7e157652e5ff00cda30c1c21124d266eb7d305c3398d6832316f403dc45d1b639f1a5a67aea29922cd1a032f52e5247ec55d2
-
MD5
4a843a97ae51c310b573a02ffd2a0e8e
SHA1063fa914ccb07249123c0d5f4595935487635b20
SHA256727ecf287fb6f4953ee7748913dd559b4f8d3a022fa2ca55bc51cf5886c52086
SHA512905c081552d95b523ecf1155b6c7e157652e5ff00cda30c1c21124d266eb7d305c3398d6832316f403dc45d1b639f1a5a67aea29922cd1a032f52e5247ec55d2
-
MD5
d1f5ce6b23351677e54a245f46a9f8d2
SHA10d5c6749401248284767f16df92b726e727718ca
SHA25657cb8f01cf553c3886760180d1a74839f2f676640115504485aca9692f577acc
SHA512960e90894e7bedcc89894e77e57e8ee0c99dd2c530d02665e8bbd3a1793eccc1e295c5923d1f37c757fa1158097fbaae70898c16052882d3d210c29ea801b3ba
-
MD5
85221b3bcba8dbe4b4a46581aa49f760
SHA1746645c92594bfc739f77812d67cfd85f4b92474
SHA256f6e34a4550e499346f5ab1d245508f16bf765ff24c4988984b89e049ca55737f
SHA512060e35c4de14a03a2cda313f968e372291866cc4acd59977d7a48ac3745494abc54df83fff63cf30be4e10ff69a3b3c8b6c38f43ebd2a8d23d6c86fbee7ba87d
-
MD5
33908aa43ac0aaabc06a58d51b1c2cca
SHA10a0d1ce3435abe2eed635481bac69e1999031291
SHA2564447faacefaba8f040822101e2a4103031660de9139e70ecff9aa3a89455a783
SHA512d5216a53df9cfbe1a78629c103286eb17042f639149c46b6a1cd76498531ae82afd265462fbe0ba9baaff275fc95c66504804f107c449f3fc5833b1ed9c3da46
-
MD5
4a843a97ae51c310b573a02ffd2a0e8e
SHA1063fa914ccb07249123c0d5f4595935487635b20
SHA256727ecf287fb6f4953ee7748913dd559b4f8d3a022fa2ca55bc51cf5886c52086
SHA512905c081552d95b523ecf1155b6c7e157652e5ff00cda30c1c21124d266eb7d305c3398d6832316f403dc45d1b639f1a5a67aea29922cd1a032f52e5247ec55d2
-
MD5
ff58cd07bf4913ef899efd2dfb112553
SHA1f14c1681de808543071602f17a6299f8b4ba2ae8
SHA2561afafe9157ff5670bbec8ce622f45d1ce51b3ee77b7348d3a237e232f06c5391
SHA51223e27444b6cdc17fe56f3a80d6325c2be61ae84213bc7cdaad7bb96daa7e8d2d3defc1b96c3cee4a3f32dc464b0e05720bcf1c0e99626bf83de1b6d5aac000a3
