Analysis Overview
SHA256
c6ee0c5549619ebf81f7878da18a6e29ff315be7d0fb3d9b79b84717405c87f6
Threat Level: Known bad
The file pcnew.exe was found to be: Known bad.
Malicious Activity Summary
Windows security bypass
Phorphiex Worm
Modifies extensions of user files
Modifies Installed Components in the registry
Executes dropped EXE
Windows security modification
Reads user/profile data of web browsers
Loads dropped DLL
Enumerates connected drives
Adds Run key to start application
Drops desktop.ini file(s)
Modifies service
Drops file in Windows directory
Drops file in Program Files directory
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: RenamesItself
Suspicious use of SetWindowsHookEx
Modifies Control Panel
Suspicious use of SendNotifyMessage
Suspicious behavior: GetForegroundWindowSpam
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V6
Analysis: static1
Detonation Overview
Reported
2020-11-05 20:58
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2020-11-05 20:58
Reported
2020-11-05 22:28
Platform
win7v20201028
Max time kernel
148s
Max time network
82s
Command Line
Signatures
Phorphiex Worm
Windows security bypass
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\22912339014610\winsvcs.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
Modifies Installed Components in the registry
Modifies extensions of user files
| Description | Indicator | Process | Target |
| File renamed | C:\Users\Admin\Pictures\MeasureWatch.tiff => C:\Users\Admin\Pictures\MeasureWatch.tiff.ReadMe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\WaitExport.raw => C:\Users\Admin\Pictures\WaitExport.raw.ReadMe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Pictures\GrantProtect.tiff | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\InitializeSync.crw => C:\Users\Admin\Pictures\InitializeSync.crw.ReadMe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Pictures\MeasureWatch.tiff | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\GrantProtect.tiff => C:\Users\Admin\Pictures\GrantProtect.tiff.ReadMe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\RegisterUnblock.png => C:\Users\Admin\Pictures\RegisterUnblock.png.ReadMe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\SelectEdit.tif => C:\Users\Admin\Pictures\SelectEdit.tif.ReadMe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\UnlockExit.tif => C:\Users\Admin\Pictures\UnlockExit.tif.ReadMe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\BlockHide.crw => C:\Users\Admin\Pictures\BlockHide.crw.ReadMe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File renamed | C:\Users\Admin\Pictures\BlockInitialize.tif => C:\Users\Admin\Pictures\BlockInitialize.tif.ReadMe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | N/A |
| N/A | N/A | C:\22912339014610\winsvcs.exe | N/A |
| N/A | N/A | C:\22912339014610\winsvcs.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
Reads user/profile data of web browsers
Windows security modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\FirewallDisableNotify = "1" | C:\22912339014610\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\AntiVirusOverride = "1" | C:\22912339014610\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\AntiVirusDisableNotify = "1" | C:\22912339014610\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\FirewallOverride = "1" | C:\22912339014610\winsvcs.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\22912339014610\\winsvcs.exe" | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\22912339014610\\winsvcs.exe" | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | N/A |
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\X6969WXQ\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Favorites\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Saved Games\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Documents\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Recorded TV\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Videos\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\6O9TWDTA\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\XHJ74TZW\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Downloads\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Libraries\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Favorites\Links for United States\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Desktop\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | \??\M:\$RECYCLE.BIN\S-1-5-21-293278959-2699126792-324916226-1000\desktop.ini | C:\Windows\explorer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Stationery\Desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Documents\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Pictures\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Desktop\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Music\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Music\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Music\Sample Music\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\5JH7AFHU\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Contacts\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Videos\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Videos\Sample Videos\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Favorites\Links\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Links\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Pictures\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Admin\Searches\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Pictures\Sample Pictures\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Users\Public\Recorded TV\Sample Media\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
Enumerates connected drives
Modifies service
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs | C:\Windows\explorer.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Policies\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIconsMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\AMERITECH.NET.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\en-US\mpvis.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\WindowsPowerShell\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_performance_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\Video-48.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187859.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableUpArrow.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCOUPON.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Pago_Pago | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105266.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\wab32res.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Composite.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fi.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Recife | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285750.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Executive.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15168_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107314.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02361_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\tnameserv.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\meta\art\00_musicbrainz.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14996_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-util-enumerations.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\2d.x3d | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessData.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipTsf.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FORM.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado21.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\SetupMetrics\20201028184006.pma | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\fontmanager.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\ffjcext.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\messageboxerror.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\header.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\CAPSULES.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0252629.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02071U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02233_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14528_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multiview.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libgnutls_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299171.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10253_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\EET | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105336.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107458.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00686_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.IDX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdadc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01182_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151047.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\pidgenx.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\DESIGNER.ONE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\setup_wm.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00241_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304371.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00505_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MAIN.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME09.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Casual.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-11 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Adobe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe.config | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CLASSIC2.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115839.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PS10TARG.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UserControl.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Port_Moresby | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\libmarq_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232803.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Generic.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libposterize_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14693_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\glass.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00257_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18244_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\RM.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-queries.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15170_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-loaders.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\URBAN_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18220_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115843.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GIFT.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application-views.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01569_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows NT\Accessories\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Connectivity.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-nodes.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows NT\TableTextService\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241773.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00489_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090089.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\offset_window.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libwave_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OWSHLP10.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_OliveGreen.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGNHM.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18221_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyLetter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Mail\MSOERES.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Christmas | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00254_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImage.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fi.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04332_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ru.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\St_Johns | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwgst.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODTXT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePage.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL077.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX8.x3d | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00092_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Thatch.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-visual.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-execution.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOff.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libsftp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01084_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238959.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jp2native.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcer.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178523.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Country.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\QUAD.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00252_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vevay | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\BLUEPRNT.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00168_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LETTHEAD.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mexico_City | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tbilisi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-awt.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\gstreamer-lite.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msaddsr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Guatemala | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuvp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACERCLR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14769_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\CALENDAR.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\LAYERS.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CMNTY_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00560_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESTS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02736U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticnotification.exsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ps\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14753_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\DMR_48.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kwajalein | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-impl.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\wa\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BUSINESS.ONE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\tpcps.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\OARPMANR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107290.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Flow.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18216_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\Pacific\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\librss_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152688.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0148309.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02062U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Grid.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignright.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00233_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuala_Lumpur | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\WTSP61MS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239951.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBTRAP.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\Mendoza | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\EVRGREEN.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\BUTTON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7ES.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Sakhalin | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\wmpnssci.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\MMSS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1036\MSGR3FR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24ImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLOGO.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmiregistry.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Jamaica | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\hxdsui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01746_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10307_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15133_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\GRIP.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OSPP.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\WORDIRMV.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\README.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.jasper.glassfish_2.2.2.v201205150955.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBUI6.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\EMSMDB32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\menu_arrow.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZY______.PFB | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Microsoft.Ink.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309480.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387337.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\bdcmetadata.xsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAILMOD.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvm.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Civic.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\wab32res.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Manila | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Bahia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313974.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00152_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18201_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Wkconv.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222017.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15018_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.NZ.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nome | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\BOLDSTRI.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199303.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\2 Top.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02041_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Hardcover.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AppConfigurationInternal.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpRTP.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Internet Explorer\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-core-kit.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14594_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00097_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayenne | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Kiritimati | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\penkor.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormToolImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\an.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_el.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL111.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENVELOPE.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD20013_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01491_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02074_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyMergeLetter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\en-US\wmplayer.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\kinit.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sampler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Iqaluit | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESTL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\oskmenubase.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvSOFT.x3d | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\AXIS.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Module.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART11.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ja\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05665_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\XLSTART\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00428_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01196_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102594.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Urban.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Earthy.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Publisher.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152884.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_de.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Uninstall Information\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00438_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAProjectUI.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200521.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02082_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_GreenTea.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\meta\reader\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\PROFILE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00269_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.password.template | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.security | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Regina | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\MSBuild\Microsoft\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382961.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\STSUPLD.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Kathmandu | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00011_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR26F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Sales Pipeline.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms_3.6.100.v20140422-1825.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Indiana\Winamac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00261_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\en-US\sbdrop.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\browser\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libvc1_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_decreaseindent.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21298_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21533_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OFFXML.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-api.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00222_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099183.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152606.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309902.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hi.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-options.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\batch_window.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\java.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341738.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\en-US\msoeres.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\LICLUA.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115875.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\HEADINGBB.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImageMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Earthy.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03041I.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WORDREP.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00008_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105490.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185786.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115835.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ka.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Nauru | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Earthy.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Earthy.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\System\Ole DB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0251301.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EAWFINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_on.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Details.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ff\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSORES.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\AFTRNOON.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14752_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME48.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\BillingStatement.xltx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Johannesburg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CNFRES.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right_over.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL022.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\TextConv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.PL.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14711_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\WindowsPowerShell\Modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240291.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0287005.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FINCL_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\ktab.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Berlin | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105306.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Composite.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLTASKR.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\Asia\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR20F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\EXITEML.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.Infopath.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL090.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Mail\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285462.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Angles.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Resolute | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\form_edit.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\CST6CDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_bridge_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01039_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145212.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\BUTTON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Grid.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\npt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\end_review.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hu.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02120_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOInstallerUI.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBrowserUpgrade.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mscss7wre_fr.dub | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CRT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0293800.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02759J.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\LightSpirit.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00382_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages_es.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00184_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01849_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05870_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00898_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00200_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AD.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00542_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME45.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsColorChart.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Media Player\Network Sharing\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\SettingsInternal.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185828.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\America\Indiana\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Ust-Nera | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL087.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPORT.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLowMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\MSPVWCTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Filters\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGN.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Defender\en-US\MpEvMsg.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\APIFile_8.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01638_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00166_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\XLMACRO.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_LightSpirit.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libwall_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Clarity.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\INTLDATE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\WSS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tahiti | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\excelcnv.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\omni.ja | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfigInternal.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01141_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14792_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\applet\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\eula.rtf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+10 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-io-ui.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Godthab | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\WMPSideShowGadget.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152430.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OMSMAIN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Flow.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\IPEDITOR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadrh15.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00057_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR00.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageScript.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\eo.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerEvaluators.exsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Aqtau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libadummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\VelvetRose.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Installed_resources14.xss | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB8.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16ImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\Common.fxh | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBENDF98.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_06.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02740U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153305.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174635.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00485_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21365_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\PROCDB.XLAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00090_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18233_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEIRM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\PAPYRUS.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_TexturedBlue.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DISTLIST.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Samara | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Gradient.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD07804_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00221_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\MMHMM.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-filesystems.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\splashscreen.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLMAILR.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.InfoPath.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\bg.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00668_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01840_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21321_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUB6INTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL010.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\SONORA.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01682_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\DRUMROLL.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0228959.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239611.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\WORDIRM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nipigon | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GIFT.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsdan.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\awt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\audio_output\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01838_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Grid.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0286034.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Groove.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZFORM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Hermosillo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\security\blacklist | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TextConv\RECOVR32.CNV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLLIBR.REST.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\El_Salvador | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_window.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_read_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\networkinspection.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-options-keymap.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Belem | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Rankin_Inlet | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382950.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Trek.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\3RDPARTY | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09194_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090390.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGDOTS.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveLetter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Internet Explorer\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTBOX.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.KR.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OIMG.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-oql.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\policytool.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\IPIRMV.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpostproc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01064_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDREQL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Mail\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EXPLR_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198022.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0217302.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7FR.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00426_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLV.PPT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-spi-actions.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Chatham | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.CNT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0315612.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\JNTFiltr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHLTS.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR10F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Danmarkshavn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\MSOERES.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0205462.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR15F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.win32.x86_64_1.0.100.v20130327-1442.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0214098.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MML2OMML.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSTORY.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\List.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Kwajalein | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00449_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\GRAPH.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\GIFIMP32.FLT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00633_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02285_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216858.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\PINELUMB.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\TOOT.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_increaseindent.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Istanbul | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Update\Install\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\VCTRN_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02106_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdatl3.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-3 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152610.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SPACER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\VPREVIEW.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\javafx-doclet.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-core.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Havana | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14982_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OUTEX2.ECF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\bdcmetadataresource.xsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\HORN.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-compat.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bn\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_a52_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msadcf.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199465.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendtoOneNoteFilter.gpd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OUTLFLTR.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02048_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALENDAR.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\id.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\86.0.4240.111\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.Blueprints.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00077_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-lib-uihandler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\calendars.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsepia_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090027.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341654.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02746U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\high-contrast.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Juneau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01354_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Classic.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WWINTL.REST.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXE8SharedExpat.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02448_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216588.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImageMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplateRTL.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_transcode_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234687.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MP00021_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Eucla | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_222222_256x240.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\STRTEDGE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Author2String.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\Mso Example Setup File A.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\86.0.4240.111\86.0.4240.111_chrome_installer.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Slipstream.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\validation.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\HEADINGBB.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_fr.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Magadan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105292.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21427_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker_1.1.200.v20131119-0908.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTITS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Casual.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\ie9props.propdesc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04269_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216874.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Msgbox.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\adovbs.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Elemental.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ogalegit.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02055_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15035_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\handler.reg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178460.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187829.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341328.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00732_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\TWLAY32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\setup.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185774.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Atlantic\Cape_Verde | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\EVRGREEN.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1CACH.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansDemiBold.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-api-caching.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02280_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMARQ.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SplashScreen.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-text.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLPERF.H | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GIFT98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01843_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Groove.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdirectory_demux_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01162_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313896.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nb.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Amsterdam | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPrintTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.contexts_1.3.100.v20140407-1019.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_shout_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\oeimport.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mspub.exe.manifest | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Costa_Rica | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\libvlc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099190.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Defender\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginResume.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hi.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15058_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackground.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152628.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Waveform.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\launcher.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeLinguistic.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15034_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\es.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\intf\modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21305_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveResume.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Comments.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\MemoryAnalyzer.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00242_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01171_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287415.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14582_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BDRTKFUL.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-j2se-1.0.2.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239955.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN01165_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10302_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Matamoros | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0300862.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImage.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BORDERBB.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SENDTO.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Niue | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Tashkent | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\status.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIcons.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABOFF.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ga.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\TextConv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\v8_context_snapshot.bin | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Vostok | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\security\javafx.policy | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\d3dcompiler_47.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Fortaleza | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\validation.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB4.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceqp35.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SAVE.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-actions.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\dailymotion.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\ECLIPSE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Riga | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\charsets.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART12.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Customer Support.fdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\hxdsui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\journal.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-modules-appui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Thimphu | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18238_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21332_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\COIN.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\XLICONS.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\OFFISUPP.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ja.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\xul.dll.sig | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MCPS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceAmharic.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanPhotoAlbum.potx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-filesystems.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01178_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CGMIMP32.HLP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSOHEVI.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LETTHEAD.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPrintTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\BTINTERNET.NET.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\ResizeDisconnect.ram | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\setup.swf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Csi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\LASER.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianLetter.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\micaut.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\DESKSAM.SAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21434_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dushanbe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guam | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01291_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESNL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fa\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01255G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00638_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\Bibliography\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\ViewHeaderPreview.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18192_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BROCHURE.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Manuscript.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.war | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Athens | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\SONORA.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14565_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR11F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\local_policy.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Davis | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00199_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0284916.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewFrame.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignright.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImage.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsFormTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Taipei | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\modules\common.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SHARING.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7EN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Issues.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_winxp.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02405_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME32.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAClientPkgUI.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105410.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21329_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD06200_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00191_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Foundry.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\TOC98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14831_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Algiers | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\qipcap64.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ms.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02829J.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0195534.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdarem.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105244.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-plaf.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipRes.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10297_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sq.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\vlc16x16.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00121_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00998_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.MMW | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\delete.avi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9YDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00965_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02444_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10290_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.JS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateHelper.msi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Eurosti.TTF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libdummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\default.vlt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mset7.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\DiagnosticsTap.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Technic.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Grand_Turk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Khandyga | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows NT\Accessories\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcolorthres_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSansBold.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19563_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ar\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Adobe\Acrobat\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\IPML.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left_over.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtospdif_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0240695.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-oql.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\d3d9\libdirect3d9_filters_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00957_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18227_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-applemenu.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239997.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174952.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292272.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02426_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Opulent.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Stock Quotes.iqy | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BCSProxy32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\flyout.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107658.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187893.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292286.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\New_Salem | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pa\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01213K.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\msdbg2.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\BodyPaneBackground.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.continuation_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.TH.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MENU.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01751_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePage.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01130_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDXFile_8.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdatt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sv.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152704.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-outline.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OOFL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\validation.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ACCTBOX.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util_1.7.0.v201011041433.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\SY______.PFB | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188587.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME37.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099163.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Moscow | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluTSFrame.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libmft_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipBand.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Simple.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\DELETE.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tallinn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Easter | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0146142.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\net.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Adelaide | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\video_output\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libmmdevice_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02293_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\orbd.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+9 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECRECS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tl.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SC_Reader.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-progress-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\firefox.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00234_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00391_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSOSEC.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIconMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\th.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\xmlrw.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00526_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14866_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTFORM.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387895.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18182_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\STSLISTI.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18180_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSIDEBRV.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\1033\Mso Example Intl Setup File A.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\NPSWF32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107544.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02470U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216570.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00512_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OEMPRINT.CAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\CURRENCY.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\va.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-dialogs.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01777_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18252_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Premium.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Defender\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02169_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Composite.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Excel.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101864.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00174_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21311_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCINFO.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Indian\Cocos | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmicrodns_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ro.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102002.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\RADIO.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Horizon.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\SpeechEngines\Microsoft\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ug\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\adcvbs.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01842_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\he.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101862.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\CLIPART\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21399_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART8.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrowMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Filters\odffilt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0233992.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\RTF_BOLD.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_pwa_launcher.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_spellcheck.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Cairo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSO.ACL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME26.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hebron | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpCommu.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\QUAD.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01219_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293844.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME30.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUDGESCH.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21422_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-5 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Pitcairn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsdec_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BCSEvents.man | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Rio_Gallegos | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287641.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME22.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216540.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\TRANSMRR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\sunmscapi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegaudio_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21303_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ReviewRouting_Review.xsn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BAN98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\sound.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\NBMapTIP.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Off.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\j2pcsc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\artifacts.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\en-US\oledb32r.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212685.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ro.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\libvlccore.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\vlc.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GREETING.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-print.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d9_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237225.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382927.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Krasnoyarsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\config.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287417.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fur.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\yo.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\flavormap.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_stats_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_italic.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUDGESCH.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\SEAMARBL.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-heapwalker.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\video_splitter\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185800.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7ES.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\ResourceInternal.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sl.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libwingdi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\msoe.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\fieldswitch.ax | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1CORE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBrowserUpgrade.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libadf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00004_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Damascus | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatialaudio_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\BLENDS.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.core_2.3.5.v201308161310.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14793_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\LOOKUP.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryNewsletter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\tr.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet_3.0.0.v201112011016.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Qyzylorda | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00391_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\an\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Jujuy | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\La_Rioja | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Shared Gadgets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\METCONV.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00253_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\sa-jdi.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\PDIALOG.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Oriel.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0157763.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Macquarie | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.WPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02752U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21308_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Anadyr | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\GMT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-spi-actions.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\PST8 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielLetter.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDFFile_8.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00319_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\VVIEWDWG.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NBOOK_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Paper.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help_3.6.0.v20130326-1254.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\liblogo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\COMPASS.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en-GB.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21527_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\DBGHELP.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado25.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Slipstream.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hr.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\System\Ole DB\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiling.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Waitcursor.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02897J.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\jaccess.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107130.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR42F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\WPGIMP32.FLT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099156.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\XLSLICER.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SCNPST64.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\keypadbase.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Uzhgorod | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\helpmap.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099158.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107516.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR15F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\CR_EB8C7.tmp\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\PipeTran.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\WindowsAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\INDUST.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.OPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jdwp.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Inuvik | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Nassau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152694.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153087.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Adobe\Help\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00602_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hy.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\jvmticmlr.h | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\DumontDUrville | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Martinique | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\Bibliography\BIBFORM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Center | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00795_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMaskSmall.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-spi-quicksearch.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Mazatlan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libhttps_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03451_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\EXPSRV.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR26F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\JavaAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-windows.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Kiev | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\WANS.NET.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\ResourceInternal.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\gui\libqt_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\en-US\WMPDMC.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.artifact.repository.prefs | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-uihandler.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-io.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Detroit | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-api.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jdwp.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONMAIN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Hovd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKREQS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLINACC.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\ImagingDevices.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OMSINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MORPH9.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libdmo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Pushpin.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielMergeLetter.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106208.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00411_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsptg.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-utilities.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\DW\DWTRIG20.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-favorites.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ACE.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00783_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\BUTTON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZFORM.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0227558.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309585.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\sqmapi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\cmm\sRGB.pf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01759_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099187.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\vi\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187817.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105276.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jli.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\about.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Paper.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18196_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14981_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME13.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\rt.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Templates\Graph.jtp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0196400.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OISGRAPH.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_basestyle.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\InformationIcon.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\plugin-container.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ARFR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fr.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Galapagos | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\Jujuy | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\SKY.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\TimeCard.xltx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\SpaceSelector.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\CURRENCY.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-modules.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0144773.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATETIME.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vilnius | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Microsoft.Ink.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08758_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14833_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Icons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\jnwppr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Perspective.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPIR.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_OliveGreen.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DISTLSTS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\EST5 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01563_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02039_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\org.eclipse.rcp_root_4.4.0.v20141007-2301 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\AUDIOSEARCHMAIN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGSTORYVERT.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.FR.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\af.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\St_Johns | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextService.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187839.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01158_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_flat_10_000000_40x100.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_QuickLaunch.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PG_INDEX.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\IntroducingPowerPoint2010.potx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-conio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\acro20.lng | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01246_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18249_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CLICK.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chicago | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ts_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ml.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281630.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0283209.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\LoanAmortization.xltx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\lij.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387578.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18197_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR34F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\IPMS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\ieproxy.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15061_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Oarpmany.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02253_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_sv.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Macau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18210_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME11.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages_de.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Antarctica\Macquarie | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageSmall.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\CHEVRON.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Monterrey | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382966.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABELHM.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIBUtils.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\Discussion14.gta | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\IPM.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_hyperlink.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\NBDoc.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\ICE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099186.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN096.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYERHM.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\APA.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\VSTARemotingServer.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101860.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382963.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00784_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\SKY.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145272.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\THROAT.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipscht.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Ceuta | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\EXLIRM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_AutoMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-spi-quicksearch.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\InkSeg.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00154_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-windows.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseout.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\hxdsui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tr.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00942_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02431_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\WATERMAR.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msadomd.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10254_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152876.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0305257.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Atikokan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Photo Viewer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\MSClientDataMgr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187815.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187861.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\en.ttt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Triedit\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00476_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CLVIEW.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101867.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107748.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00170_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieNewsletter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\javac.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0289430.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0205466.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285926.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21495_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\libGLESv2.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libsdl_image_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanMergeLetter.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Apex.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\PASSWORD.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00074_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107468.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21448_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-services.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\dependentlibs.list | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\THANKS.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL093.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\eula.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\platform.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\UmOutlookStrings.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\HICCUP.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSOUC.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bishkek | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-keymap.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ReviewRouting_Init.xsn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Photo Viewer\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200279.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado26.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Sao_Paulo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02371_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\TOOLICON.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20140422-1847.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14516_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\LAUNCH.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Denver | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\CrashReports\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSPTLS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CUP.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Metro.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\NL.ROGERS.COM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\vlm_export.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FSTOCK.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMIMEE.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Services\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msader15.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Samarkand | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05869_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00455_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Belgrade | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14800_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.TW.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187849.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CAMERA.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB1B.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01329_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_VelvetRose.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\updater.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACETXT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.APL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099154.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151063.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCD11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Monaco | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00231_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15019_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\en-US\wab32res.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_RGB_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\MpAsDesc.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javaws.policy | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\management\snmp.acl.template | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Mail\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Words.pdf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00524_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02116_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107328.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\tzmappings | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Novosibirsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PPCORE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\oledb32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\Buenos_Aires | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\librtpvideo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpAsDesc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0251871.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Media Player\Skins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Araguaina | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ca\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\d3d11\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\STRTEDGE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.Office.Tools.v9.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21337_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.InfoPath.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libglwin32_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341447.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\utilityfunctions.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09662_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01770_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0296288.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00256_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUPLD.INTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART7.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200377.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\whitemenu.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-ui.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Ojinaga | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Dhaka | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\jnwdui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Templates\To_Do_List.jtp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\wmlaunch.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Canary | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\twitch.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_WMC_LogoText.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee100.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.bat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\glass.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Belgrade | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\DATES.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00021_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\PAB.SAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_TexturedBlue.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Srednekolymsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\wab32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086384.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Thatch.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN054.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-annotations-common.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-actions.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\Office64MUISet.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00135_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN01164_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01298_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\PAWPRINT.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185818.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_04.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme_0.9.300.v20140424-2042.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libanaglyph_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Hand Prints.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099191.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ru.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\access_output\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_18_b81900_40x40.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\en-US\msader15.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0172193.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02431_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Couture.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18191_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BRCHUR11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODBC.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0233665.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SAVE.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\OrielFax.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_HK.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmpshare.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01184_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00234_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115867.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libx26410b_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SWEST_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0186002.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20131217-1203.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222019.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21480_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\AUTHOR.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLSERVER.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmagnify_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBLR6.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsMacroTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMAIN.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Marquesas | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\blocklist.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\dumpmeta.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105294.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\ALARM.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\sidebar.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Amman | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEWDAT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ro.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\SIGNUP\install.ins | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_disable.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SUBMIT.JS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtobe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\tnameserv.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEERR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\PIXEL.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0233312.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Apex.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Winamac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Cayenne | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DVA.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382968.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\NOTICE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Gibraltar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\jawt.lib | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199483.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR20F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\uz\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\xlsrvintl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382944.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01300_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Monaco | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QRYINT32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\blacklist | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\WindowsPowerShell\Configuration\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\UTILITY.ACCDA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157177.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\PersonalContact.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text_3.9.1.v20140827-1810.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\VelvetRose.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01181_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153398.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\da.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_olv.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\abcpy.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME27.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-attach.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\is\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ru\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ViewHeaderPreview.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01035U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\en-US\WMPDMCCore.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONTAB32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GREETING.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15136_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_REVIEW.XSN | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19695_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01585_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382955.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME19.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME41.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tegucigalpa | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Montevideo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107300.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285782.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\sqloledb.rll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ja_JP.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaws.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.LIC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00037_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\gui\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSWDS_FR.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginMergeLetter.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\ImagingEngine.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\WT61ES.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\BG_ADOBE.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\oisctrl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7EN.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadcor.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-print.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285796.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\SPLASH.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB5A.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Lagos | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099195.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\libEGL.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00299_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Black Tie.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CSS7DATA000C.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluHandle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02423_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02750G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\VIBE.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\vi.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Uninstall Information\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIcon.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\net.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\handsafe.reg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00152_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.rst | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fil.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPUNCT.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153514.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Black Tie.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-templates.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieMergeLetter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\uk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libdeinterlace_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jawt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Thimphu | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libgl_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Templates\Shorthand.jtp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAProject.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-javahelp.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00452_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SPANISH.LNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\visualization\libgoom_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\rtscom.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLNOTER.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00172_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\ACTIVITY.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OutDomain.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Phoenix | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfreeze_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icucnv36.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_vi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zurich | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libkate_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099184.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ENVELOPR.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\SketchIconImages.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\RSWOP.ICM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ro\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\content-background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Barbados | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRdIF.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Faculty.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSSPC.ECF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AIR98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-appui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OMML2MML.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libprefetch_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107742.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\BREEZE.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SSGEN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup-impl.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-heapdump.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Newsprint.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanResume.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\SBCGLOBAL.NET.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\.lastModified | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\ieinstal.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02758U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SlateBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\APPLAUSE.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSCOL11.PPD | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIcon.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Antarctica\DumontDUrville | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\CAPSULES.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00045_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsusf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscene_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02738U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14757_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00938_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21343_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PPTIRMV.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01176_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099150.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.SG.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\mojo_core.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195254.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME23.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-threaddump.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\SwitchGet.mp2v | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01240_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143750.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Trek.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR17F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\handler.reg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST5EDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Stockholm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\1033\EEINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285822.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Algiers | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsfsstorage_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188669.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-compat.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeXMP.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\System\MSMAPI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\psuser_64.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00788_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Charitable Contributions.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107484.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNoteUI.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-utilities.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_gu.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02750U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.service.exsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jsdt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libchain_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0197983.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RESUME.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\rmid.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00218_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\VOLTAGE.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0230553.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_09.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL065.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.bat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Anchorage | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-fallback.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-tools.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0149018.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198234.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301432.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_partstyle.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\.lastModified | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01146_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\EmbeddedView.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105240.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00641_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Thatch.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199805.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0292020.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\HAMMER.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\settings.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Mawson | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\release | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAIL11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\jvm.hprof.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-12 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\vimeo.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libvhs_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Mozilla Maintenance Service\logs\maintenanceservice-install.log | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Extensions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Broken_Hill | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00530_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0298653.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrow.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\StatusOnline.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\MsMpRes.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\WebKit.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Settings.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novokuznetsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-explorer.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Funafuti | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\IMCONTACT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\EmptyDatabase.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XmlFile.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Urumqi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Office14\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199283.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewSelectionChanged.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\BUTTON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_rtl.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\idlj.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Reunion | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187883.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OFFRHD.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\libsubsdelay_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00442_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\performance.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\Cordoba | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\default-browser-agent.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupiconsmask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsImageTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\PersonalMonthlyBudget.xltx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXEV.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msadds.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01301_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14983_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101861.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0172067.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME42.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multiview.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\uninstall.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpEvMsg.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01221K.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mset7ge.kic | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\.eclipseproduct | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt_3.103.1.v20140903-1938.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\eqnedt32.exe.manifest | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01607U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0196374.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR22F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\TALK21.COM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14828_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Address.accft | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\Logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01772_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00242_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00601_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+11 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Efate | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\ink\HWRCustomization\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1STAR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14677_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0213243.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21295_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\deploy.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Network Sharing\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099172.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199473.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Auto.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAIL.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MYSL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Broken_Hill | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.descriptorProvider.exsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-enumerations.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-favorites.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00779_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+7 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-modules.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232393.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03513_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00454_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB10.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Ushuaia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado28.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\javacpl.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02269_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00417_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02384_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382970.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21313_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-windows.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jfxwebkit.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01659_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_OliveGreen.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-join.avi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\keystore\libfile_keystore_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_10_p010_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00705_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\GRID_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GRINTL32.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Rangoon | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Sofia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382960.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WING1.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGN98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\en-US\jsprofilerui.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0195384.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\mozglue.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\COPYING.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libgme_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfig.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\xmlrwbin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152568.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MY.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Seoul | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\oledbvbs.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02287_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\adcvbs.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.common_3.6.200.v20130402-1505.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIcons.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIconMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\VVIEWER.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\CompareFind.xps | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Real.mpp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNOteFilter.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ORIG98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libedummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sw.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\iexplore.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00233_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jstatd.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Maputo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Pangnirtung | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\MSTAG.TLB | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\ARCTIC.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNoteNames.gpd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-10 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\plugin.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107282.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153265.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSQRY32.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_srt_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01164_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\VSTO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository_1.2.100.v20131209-2144.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\sunec.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prcr.x3d | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\hxdsui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL086.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14578_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART4.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePage.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\rtstreamsource.ax | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107288.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Opulent.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ONELEV.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Sydney | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\meta\art\03_lastfm.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mscss7en.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Funafuti | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00809_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01470_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSSKETLG.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14656_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SUBMIT.JS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Andorra | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-output2.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libstats_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Premium.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Maputo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Atlantic\Stanley | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\PROOF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00486_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSCOL11.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7ES.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\NEWS.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188519.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\ir.idl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\pencht.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSWDS_ES.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341499.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZLIB.ACCDE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\TableTextService\TableTextService.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\La_Paz | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+3 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-private-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00222_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGTEAR.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00687_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00642_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core_2.3.0.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-nodes.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-outline.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Tongatapu | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\skins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00407_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dialog.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\flavormap.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00223_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106816.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\CsiSoap.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\en-US\iedvtool.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00086_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Library\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.core_3.5.0.v20120725-1805.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup-impl.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateOnDemand.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_LightSpirit.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHSRN.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\INFOPATH.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\http.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00524_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107492.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143748.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\OFFICE10.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunmscapi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.concurrent_1.1.0.v20130327-1442.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Journal\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBARV.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceYi.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkHandle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-api-visual.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Perspective.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\ORG97R.SAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_center.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\am.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfontj2d.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00728_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\RPLBRF35.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WWINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_elf.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\QRCode.pmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18198_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGAD.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\America\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\newgrounds.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mip.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0318810.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\main.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipTsf.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107724.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core_0.10.100.v20140424-2042.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106958.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10263_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1AR.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ca.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239965.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02262_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02749U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\deploy.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18231_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTITL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02068_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME17.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01748_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21294_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\validation.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmirror_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00049_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Office Word 2003 Look.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libcompressor_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libnoseek_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIconsMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BRCH98SP.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\jfr\profile.jfc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+9 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\AUTHORS.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341653.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03470_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02754U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14579_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01478U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18248_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18254_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21338_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BREAK.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\klist.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0196164.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Teal.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01157_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\COUPLER.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXSLE.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0075478.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePage.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONBttnPPT.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\RECALL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_pitch_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.TTS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309705.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21333_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239935.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSPST32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msado27.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePage.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00913_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\ehshellLogo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01173_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341559.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Athens | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04206_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0217872.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0240719.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECURE.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101856.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107258.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\gu.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxslt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Setup.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\METCONV.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18202_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18208_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericonMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.JS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\BASMLA.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341551.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIcon.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198025.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00941_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-javahelp.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\WMPSideShowGadget.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PROPLUS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10266_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10268_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15172_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ViewHeaderPreview.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Barbados | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00350_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21325_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ASCIIENG.LNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861258748.profile.gz | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CharSetTable.chr | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Helsinki | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libnormvol_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msadcer.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Country.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OFFOWC.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libhqdn3d_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR25F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Jerusalem | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Text.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-execution.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\wsdetect.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+7 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\si\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\liberase_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\oledbjvs.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_standard_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02417_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\TWRECE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152602.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\messageboxalert.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\manifest.json | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01793_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Adjacency.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGHEADING.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\Rio_Gallegos | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00297_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281632.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\EXLIRMV.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN103.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03380I.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Mail\wabmig.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00197_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql_2.0.100.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sendopts.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Media Player\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\libarchive_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107350.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.servlet_1.1.500.v20140318-1755.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185834.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MARQUEE.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240389.profile.gz | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Boa_Vista | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_am.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00345_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN109.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mset7tk.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Samara | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Yerevan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN03500_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00092_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215710.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-dialogs.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02810J.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN010.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BANNER.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\en-US\setup_wm.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libkaraoke_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01243_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DOCS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\MSB1FREN.ITS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199609.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240189.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Aspect.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15184_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Merida | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.InfoPath.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02058U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR30F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\calendars.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.util_1.0.500.v20130404-1337.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\jvm.hprof.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Paramaribo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ko.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-14 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mpjpeg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chihuahua | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mscss7cm_es.dub | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromaprint_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03459_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Austin.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_over.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thule | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\wabfind.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00735_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Casual.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WWINTL.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Luxembourg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\uarrow.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107488.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WCOMP98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ENGIDX.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DOCL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\et.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\HST10 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_email.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_no.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00122_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Aqtobe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\control\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0098497.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198372.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00479_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multiview.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Saipan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Journal\Templates\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153273.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18189_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_over.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\gradient.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PROGRAM.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACECORE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0089992.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL103.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\EMAIL.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15021_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPQUOT.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.bat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00799_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01242_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RESP98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UTC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01039_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\XIMAGE3B.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\EmptyDatabase.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105338.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00042_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\OUTDR_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00396_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02055_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0185604.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299125.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\jvm.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\custom.lua | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0314068.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\CERTINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\PABR.SAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\README.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00419_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0186348.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableDownArrow.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALNDR98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\hwrlatinlm.dat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoBeta.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\COPYRIGHT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Marketing Projects.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guadalcanal | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\IPDESIGN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02198_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-awt.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01628_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pl.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\security\javaws.policy | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libtwolame_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7ES.dub | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\networkinspection.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Kerguelen | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105232.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00687_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGATNGET.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Defender\MsMpLics.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\COPYRIGHT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ROAD_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_SlateBlue.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Pontianak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0293832.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR12F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsVersion1Warning.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Paramaribo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_duplicate_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Reference Assemblies\Microsoft\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpsychedelic_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\InfoPath.en-us\InfoPathMUI.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090783.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\OliveGreen.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_20_666666_40x40.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left_over.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Beulah | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\System\Ole DB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099179.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341448.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_OffMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSN.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185780.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE04050_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18218_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OOFS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\LICENSE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0227419.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382930.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02022_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287024.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Curacao | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\New_York | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\gmp-clearkey\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\soundcloud.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106572.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157831.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199279.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZMAIN.ACCDE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding_1.6.200.v20140528-1422.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\hxdsui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105230.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152698.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\Discussion.gta | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Portal\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00130_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nn\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105348.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\Issue Tracking.gta | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PEOPLEDATAHANDLER.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\stdole.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RESUME.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\da\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libftp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\MOFL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdaer.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\cmm\GRAY.pf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01180_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0211981.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Foundry.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageScript.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Palmer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0324704.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\CET | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00538_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\el.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\INFOML.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SCANPST.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\DEEPBLUE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\WT61FR.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gl.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IPSEventLogMsg.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.access | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\packetizer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\en-US\sbdrop.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152608.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SlateBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7FR.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jli.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FRAR\MSB1FRAR.ITS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01394_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Client.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\te.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Chita | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\mozavutil.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099173.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\VisioCustom.propdesc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\msinfo32.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00296_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02748U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18206_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Visualizer.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02451_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\1033\MAPISHELLR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105286.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105398.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_es.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Soft Blue.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCRD98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107452.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0295241.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\OliveGreen.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Internet Explorer\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Austin.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\RELEASE-NOTES.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmpenc.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0234000.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Portable Devices\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-snaptracer.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OOFTMPL.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mscss7cm_fr.dub | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Internet Explorer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Johannesburg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\GRDEN_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\NUMERIC.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedback.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Warsaw | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\NETWORK.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00775_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187851.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msadco.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00693_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\F12Resources.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Stockholm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libstl_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.BusinessData.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195260.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\oracle.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\MST7 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Services\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\form_edit.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\Stationery\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Denver | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384888.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR16F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\MLA.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLMAIL.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jstack.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\images\cursors\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Rome | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\librawaud_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00623_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01236U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSTORE.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Khartoum | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Ndjamena | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\default_thumb.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\larrow.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceme35.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qyzylorda | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director_2.3.100.v20140224-1921.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN026.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\EPSIMP32.FLT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01138_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyReport.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.common_2.10.1.v20140901-1043.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\USP10.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\RTF_BOLD.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWSHM.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mazatlan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-impl.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL089.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL106.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\YEAR.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL026.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONBttnWD.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\jconsole.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPLTMPL.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cgg\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libsdp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285410.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03731_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CET | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\orb.idl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Anadyr | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Enderbury | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21548_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Custom.propdesc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\plugin.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-options.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152690.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Minsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSQRY32.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Maroon.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\2 Right.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Atlantic\Reykjavik | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\maintenanceservice.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281638.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10336_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sendopts.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Pohnpei | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\Folder-48.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15072_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\de.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02464_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Kolkata | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Triedit\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05930_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01295_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR32F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ContactPicker.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Media Player\Visualizations\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME34.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\snmp.acl.template | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185776.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00917_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107500.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SPACE_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\oc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhds_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Opulent.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tijuana | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195788.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02435_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14533_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WPULQT98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RESENDL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\help.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench_3.106.1.v20140827-1737.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18242_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\perfcore.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0197979.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Major Indicies.iqy | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\XPAGE3C.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099188.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdaprst.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-nodes.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Bahia_Banderas | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceDaYi.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21335_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\FiveRules.potx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-api.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TAIL.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14997_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\oledb32r.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\profile.jfc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Los_Angeles | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02756U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00194_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\nio.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-queries.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Templates\Music.jtp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00262_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00423_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\TWRECC.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Nipigon | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02276_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GRINTL32.REST.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PROG98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlcese35.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04196_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00403_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0205582.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCVDT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-views.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099175.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Form.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\README.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01761_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Tiki.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs-nio2.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178932.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\UnformattedNumeric.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface_3.10.1.v20140813-1009.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\js\jquery.jstree.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\System\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME05.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-iio.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\GoldRing.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santarem | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341561.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02388_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ModifiedTelespace.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\resources.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\IEAWSDC.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\Skins\Revert.wmz | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\th.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105280.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Rangoon | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libh26x_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01545_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01143_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02075_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00625_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00736_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21334_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Copenhagen | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285698.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME29.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\de.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\et.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0175428.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCOLKI.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\COUGH.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\jfr.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297759.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MUSIC_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GR8GALRY.GRA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Premium.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Scoresbysund | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_cycle_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\AdobePDF417.pmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts2.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POST.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Elemental.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107266.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02466U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Foundry.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mscss7es.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240175.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Rome | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\WMPDMCCore.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Acrofx32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpOAV.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099182.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDCNCL.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\grvschema.xsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boise | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.smil_1.0.0.v200806040011.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099153.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\Custom.propdesc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\osclientcerts.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152892.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03331_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01562U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Matamoros | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLAPPT.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ar.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jli.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Bermuda | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\F12Tools.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\XLSLICER.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jcmd.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Halifax | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Events.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-compat.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Aspect.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR39F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Chisinau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02743G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00159_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21297_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jerusalem | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-windows.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Orange Circles.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Irkutsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadomd28.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\INDUST.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\DELETE.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107734.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151041.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-modules-profiler_visualvm.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\zip.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00687_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105282.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200163.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\WET | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs-nio2.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\jnwmon.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BCSRuntimeUI.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Karachi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PICCAP98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kabul | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\hprof-16.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Shanghai | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0214948.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Contacts.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdfmap.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\1033\14\Built-In Building Blocks.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGAD.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01293_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CNFNOT.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHighMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-text.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\pkeyconfig-office.xrm-ms | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Origin.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\wsgen.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\Etc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMaskRTL.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\System\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jaas_nt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Midway | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Earthy.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19582_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0089945.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DissolveNoise.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jabswitch.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-output2.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0164153.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0315580.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUNGLE.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Mail\msoe.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Ulaanbaatar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18236_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts2.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jarsigner.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Vienna | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309598.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01044_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WHIRL1.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUB6INTL.REST.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Fortaleza | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jakarta | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblendbench_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02039U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHigh.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMARQ.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-dialogs.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\GrooveFormsMetaData.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEB11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Currency Rates.iqy | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePage.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Danmarkshavn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msadox.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292270.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RCLRPT.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Flyout_Thumbnail_Shadow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21316_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDREST.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\j2pcsc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02124_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Grid.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285360.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBOX.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPHandle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterRegular.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02443_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Flow.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ADRESPEL.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipssve.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00160_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HTECH_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107744.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\IPEDINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7FR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\soniccolorconverter.ax | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Phoenix | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\NAME.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Jayapura | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSLID.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01152_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00603_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\npjp2.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\prism-d3d.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\verify.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_xml.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGMASTHD.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Hobart | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Slipstream.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\XLINTL32.REST.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCDDS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\icudtl.dat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\F12Tools.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Oral | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215718.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309664.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeUpdater.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OSetupPS.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_uk.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00452_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Basic\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GreenTea.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\fxplugins.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-options-api.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00238_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02278_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Perspective.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Yakutat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\en-US\WinMail.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OUTLMIME.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04134_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0282126.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Noronha | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\jsse.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Tirane | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384862.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01332U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_on.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Synchronization Services\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\EST | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdaora.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101866.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libantiflicker_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00390_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\WSS\107.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di.extensions_0.12.0.v20140417-2033.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows NT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01126_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02736G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Horizon.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_udp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01251_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\Australia\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tet\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00834_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\TECHTOOL.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIB.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384895.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BULLETS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Library\SOLVER\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\d3dcompiler_47.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-threaddump.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Noronha | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libyuv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEWSS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\3082\MSO.ACL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\ACT3R.SAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jconsole.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Green Bubbles.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\1033\MSOSVINT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHPHN.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OIS.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\ext\zipfs.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00177_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Perspective.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdaosp.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_cs.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.configuration_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00175_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OFFOWCI.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Wordcnvpxy.cnv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185790.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03379I.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\ACCOLK.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierUpArrow.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\SessionMember.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-13 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\java-rmi.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UNT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107718.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsImageTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099145.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00452_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0298897.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SCNPST32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.InfoPath.FormControl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Efate | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUISet.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\VBAJET32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01242_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281008.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02051_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\Management.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB3A.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STRBRST.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadcer.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\keytool.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02749G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveReport.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198021.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14754_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\PublicFunctions.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\it.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado20.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadox28.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\adcjavas.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunec.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00330_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\FONTSCHM.INI | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\wxpr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02092_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\asl-v20.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00169_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099181.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Puerto_Rico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\rmiregistry.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Publisher.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\RADAR.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImageMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Onix32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Paper.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149407.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ACWIZRC.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Resource.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0250504.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\StarterApplicationDescriptors.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\klist.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets_1.0.0.v20140514-1823.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152414.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01747_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PTXT9.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-font.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\softokn3.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.LTS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ENVELOPR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\digest.s | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\SPACER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-core.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178459.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287019.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\ELPHRG01.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\DirectDB.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\wabmig.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EAST_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188513.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14515_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Atlantic\Bermuda | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107192.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Simferopol | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACER3X.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\adojavas.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fil.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belize | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\preface.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\IEShims.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Person.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151055.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\localedata.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Apia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LAYERS\LAYERS.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0158007.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115836.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ACCSBAR.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.InfoPath.Client.Internal.CLRHost.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01858_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14583_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-7 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00236_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153089.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00139_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212957.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\SATIN.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REMOTEL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DigitalInk.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL048.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Jamaica | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-fallback.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00445_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrowMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0252349.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXPTOOWS.XLA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Auckland | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216153.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01565_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7FR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Vladivostok | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\libaudiobargraph_v_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105250.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01742_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287018.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLLIBR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01701_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PPINTL.REST.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MX.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Vilnius | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD07831_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME21.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Warsaw | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di_1.0.0.v20140328-2112.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182946.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SHAREPOINTPROVIDER.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\penusa.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195248.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DissolveAnother.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Checkers.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABEL98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\mlib_image.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunec.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\hxdsui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\AddIns.store | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297551.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Currie | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.logging_1.1.1.v201101211721.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\modules\httprequests.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\kn\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN111.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\meta\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\EDGE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0090386.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\Filters.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00136_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198113.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR18F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLADD.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libimage_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msxactps.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Asuncion | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\access\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Office14\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00382_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMSS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FORMCTL.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi_3.10.1.v20140909-1633.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\dtplugin\deployJava1.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Cambridge_Bay | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gd\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\pdmproxy100.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FLAP.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\installer.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099189.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19986_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\rmic.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02115_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198377.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21301_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14883_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OUTLVBS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msado28.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299587.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CNFNOT32.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSOHTMED.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME08.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16Images.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBAR11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadcf.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_GreenTea.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupicons.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vevay | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\wab.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382962.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Equity.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0214934.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPWEC.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\Timeline.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Abidjan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7TSFrame.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-loaders.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\BOLDSTRI.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212953.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLINACC.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fr.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoDev.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\management-agent.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\VideoLAN Website.url | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ExpenseReport.xltx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libball_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD10890_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Metro.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\LASER.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00414_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02265_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sr-spl.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00164_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Hobart | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101980.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00231_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00235_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01247U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0302827.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_justify.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\ROGERS.COM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\SetupMetrics\20201028183641.pma | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Brussels | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Cancun | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386270.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\file_obj.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Novokuznetsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Defender\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200273.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sv.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-text.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287408.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21376_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows NT\TableTextService\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Templates\blank.jtp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00006_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_spellcheck.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Goose_Bay | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\be\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02091_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR39F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SlateBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01172_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_hyperlink.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHD11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341634.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15173_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Karachi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedbck2.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.identity_3.4.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Eirunepe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FREN\MSB1FREN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OISINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\ORG97.SAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WhiteboxMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\is.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\et\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libscte18_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee90.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GreenTea.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianMergeFax.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00306_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18251_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_on.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04267_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01123_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Module.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN108.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\hxdsui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21421_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\NL7Models0011.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL044.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\unpack.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\gui\libskins2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\Accessories\en-US\wordpad.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115876.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ko.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\adojavas.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00919_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticattribute.exsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-remote.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe Root Certificate.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1036\MSO.ACL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Author2XML.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PPTIRM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msader15.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107358.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RESENDS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.NO.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libsatip_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Civic.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginReport.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\LICENSE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+12 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0278702.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_GreenTea.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART3.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\intf\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\SHOVEL.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106020.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Oriel.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Journal.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01660_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Median.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libinvert_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\REMINDER.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\hwruksh.dat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\UTC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02187_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBlankPage.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SELFCERT.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00828_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Wordcnvr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Center | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-lib-uihandler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ta.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00916_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\InfoPathWelcomeImage.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSOUTL.OLB | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02390_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0336075.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\br.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pt-BR.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\fontmanager.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\ext\jaccess.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\THOCR.PSP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ospintl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\RELAY.CER | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_bullets.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Lima | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART6.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\MMSL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL092.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libtextst_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right_over.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14882_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EntityPickerIntl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKACC.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PROGRAM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\kinit.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libwinhibit_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SecStoreFile.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107132.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387604.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\my\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\Welcome.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libafile_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-execution.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0158071.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Pushpin.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsFormTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\INCOMING.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Outlook.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ur.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsnor.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Madrid | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.lock | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Asuncion | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Students.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\eu.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\BG_ADOBE.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\DELETE.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MAPIPH.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHD98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ml.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wake | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOICONS.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Office 2.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\Media Renderer\avtransport.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Chita | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14868_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OneNoteSyncPC.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Defender\MpClient.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101865.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN110.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.bat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\server\classes.jsa | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0148757.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MLSHEXT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Tell_City | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CAPSULES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\mraut.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15277_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Norfolk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309904.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB1A.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\XML2WORD.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Mail\wabfind.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs-nio2.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libreal_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\update-settings.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Essential.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SAMPLES\SOLVSAMP.XLS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\msdbg2.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcor.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382931.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00183_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00096_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Groove.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00416_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ast.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\chrome.7z | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\fonts\LucidaSansDemiBold.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSans.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows NT\Accessories\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00241_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\F12.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Indian\Chagos | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libidummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02740G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_05.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03011U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.sig | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107746.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MP00132_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01785_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msadcfr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02400_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadco.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tokyo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Malta | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\sd\jamendo.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEXBE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SplashScreen.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.bat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBARBLL.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Photo Viewer\ImagingEngine.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdaurl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PAPER_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\javaws.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_rtp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdaps.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows NT\Accessories\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\DW\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Module.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\jvm.lib | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01160_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00516L.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\DELIMR.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-io.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Antarctica\Syowa | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00334_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01235U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00914_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143744.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Photo Viewer\PhotoBase.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\ARCTIC.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-CN.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\psuser.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01149_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB7.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\nacl_irt_x86_64.nexe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\STUBBY1.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-spi-quicksearch.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Equity.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18207_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-dayi.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoCanary.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\hrtfs\dodeca_and_7channel_3DSL_HRTF.sofa | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_file_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\JOURNAL.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21306_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\ColleagueImport.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\INVITE.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Dili | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmono_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400002.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LISTBOX.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet.jsp_2.2.0.v201112011158.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\InkObj.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\STOCKS.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01639_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03453_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099201.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-api.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiBold.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImagesMask16x16.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\README.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msado20.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHLEX.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\messageboxinfo.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mset7tkjp.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-queries.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR23F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ext.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\fontconfig.bfc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18199_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10335_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\en-US\wmpnssci.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBCN6.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195342.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudiobargraph_a_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152436.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198016.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01304G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Casual.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBHD.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+6 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00437_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\notification_helper.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-charts.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\modules\dkjson.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MsMpCom.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\FLTLDR.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143753.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.SYX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.en\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01434_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382942.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-api-caching.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\MSB1ESEN.ITS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\IPOLKINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18234_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryLetter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FPERSON.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382939.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02228_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14530_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OLKIRM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipscsy.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\adovbs.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\VISSHE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libexport_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\INDST_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENVHM.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msjro.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099164.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152716.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tt.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\js\controllers.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382947.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18232_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115842.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.clusters | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libudp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106124.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0156537.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic 2.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\trusted.libraries | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mscss7wre_es.dub | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Verve.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR29F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\lt.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\include\win32\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pl.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Madrid | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OSETUPUI.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\SectionHeading.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\TEAROFF.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msadcfr.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00177_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SketchPadTestSchema.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\te\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Visualizations\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateCore.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182888.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-5 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\HxRuntime.HxS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215210.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01839_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Martinique | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libty_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02356_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONLNTCOMLIB.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297757.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\STOPICON.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\elevation_service.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Godthab | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiling.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01657_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE.MANIFEST | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Mail\wabimp.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01069_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18187_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-11 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable_1.4.1.v20140210-1835.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\Salta | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\Keywords.HxK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0337280.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Person.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_increaseindent.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\sqloledb.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN086.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\MSBuild\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\jfxrt.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18214_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107152.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Austin.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Mail\en-US\WinMail.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01080_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099193.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\meta-index | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Baghdad | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msador15.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdasql.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_decreaseindent.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Omsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-cli.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Atlantic\Canary | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msado21.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107150.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183174.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102762.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185778.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\La_Rioja | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\WMPDMCCore.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00247_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.Tools.Applications.Project.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02404_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00703L.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME50.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\send-email-16.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\or\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01193_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0158477.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02450_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\America\Argentina\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\unpack200.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\arrow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImage.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Cordoba | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\classlist | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\GMT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\InfoPath.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEEXCL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21315_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00527_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18194_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipssrb.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-util.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ar.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Black Tie.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands_3.6.100.v20140528-1422.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\MSBuild\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdate.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseout.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaremr.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216516.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Fancy.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPrintTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\serialver.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Brisbane | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\settings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02067_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02134_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ContactPickerIntl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188667.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR11F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid_over.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialLetter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fakaofo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152558.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195772.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OUTLPH.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL082.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActions.exsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sa.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Couture.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0229385.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\vi.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\excel.exe.manifest | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_italic.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBARBLL.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\WMPDMCCore.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.codec_1.6.0.v201305230611.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\CANYON.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105502.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0233512.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14692_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENV98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ku-ckb.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\lv.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090087.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21336_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\INDOMAIN.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\org-openide-filesystems.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00397_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02398U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00305_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14871_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\readme.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01296_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0216724.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18222_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01636_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099169.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01186_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00458_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadcs.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libshm_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ru.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21326_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-templates.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00333_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234131.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libalphamask_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\MEDIA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\OFFISUPP.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME46.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\utilityfunctions.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\npdeployJava1.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-explorer.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292248.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01244_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\MINUS.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POST98SP.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\misc.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-4 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SendMail.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Distinctive.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Blanc-Sablon | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jp2iexp.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackgroundRTL.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Tehran | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Atlantic\Azores | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\pack200.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\dnsns.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-tabcontrol.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Port-au-Prince | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\System\ado\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\mpvis.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Waveform.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\ext\localedata.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmod_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\wabimp.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vincennes | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmplayer.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WZCNFLCT.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB2B.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlcecompact35.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mip.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\mr.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmplayer.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME03.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\ieproxy.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105298.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187895.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FORM.JS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\browser\VisualElements\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\WMPMediaSharing.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME20.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\ACADEMIC.ONE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02958_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSTORDB.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBPAGE.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099157.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174315.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\mobile_browse.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABON.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OARTCONV.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_HighMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Caracas | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02957_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18253_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\EntityDataHandler.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02218_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Concourse.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\si.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pmd.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152890.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Paper.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME16.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR31F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_off.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\net.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\error_window.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Adobe AIR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212701.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\US_export_policy.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Slipstream.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIconMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153299.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR41F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pitcairn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.xsl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mset7en.kic | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AWARDHM.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152556.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01734_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\core.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FALL_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Basic\DEFAULT.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107134.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Default.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\Antarctica\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00126_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02312_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186346.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00915_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222021.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\JSByteCodeWin.bin | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107280.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fa.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\pdm.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Nairobi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187881.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00608_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00095_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\SERVWRAP.ASP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15056_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceca35.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\zipfs.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\setup_wm.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\requests\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01637_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02071_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152600.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00760L.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONTACTS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-8 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00656_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0221903.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Gambier | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0168644.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00483_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Solstice.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15023_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\MDIParent.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\db\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_200_percent.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignleft.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TextFile.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-heapwalker.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00260_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKACCS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107490.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0251007.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115834.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\WSSFilesToolHomePageBackground.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\VC\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ca.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_win7.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\javafx-iio.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14832_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\plugin-hang-ui.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADVZIP.DIC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\3082\MSGR3ES.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Mail\WinMail.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENVELOPE.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\FRAR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\ECHO.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00564_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0090070.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GreenTea.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18246_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WHITEBOX.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Stationery\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHD98SP.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-search.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\YST9 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zy______.pfm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OCRHC.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pago_Pago | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00443_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR36F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\main.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Foundry.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ust-Nera | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ta\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME28.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\brx\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SUBMIT.JS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\time-span-16.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\alt-rt.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151073.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignleft.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00806_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OUTLRPC.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\pdmproxy100.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\WET | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\D3DCompiler_47.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\SmartTagInstall.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00296_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\DELIMWIN.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0183168.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Louisville | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmpnetwk.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02097_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Perspective.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_dummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\xul.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\README.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\SETLANG_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lv.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\master_preferences | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rankin_Inlet | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ms\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Internet Explorer\SIGNUP\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00440_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImageMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OMSXP32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Damascus | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\native2ascii.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Menominee | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Porto_Velho | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\COMPASS.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174639.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ndjamena | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Edmonton | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\penjpn.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sk.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152560.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21504_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ADD.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novosibirsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Bissau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\PortalConnect.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\jsdbgui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Thatch.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Phone.accft | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\MANUAL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgaussianblur_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\RICEPAPR.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_cs.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105384.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304861.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\Indian\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01603_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107426.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\IMPMAIL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libstereo_widen_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00234_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0171847.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Angles.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Messenger.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\wmpshare.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ContemporaryPhotoAlbum.potx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\release | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCDDSUI.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ACTIP10.HLP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL108.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCAL.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Esl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SOA.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-7 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02755U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0230876.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_tr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WITHCOMP.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10256_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BORDERBB.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\zh-CN.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099159.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0177257.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME25.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\notification_plugin.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKACCL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rainy_River | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00090_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238333.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\airappinstaller.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\adcjavas.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Pipeline.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Darwin | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseout.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0318804.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10300_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01148_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ulaanbaatar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\SuspendDisable.vsdm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03012U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01740_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uz.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\IRIS.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME52.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR25F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santo_Domingo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt_1.1.1.v20140903-0821.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODDBS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Update\1.3.35.452\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185796.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\PipelineSegments.store | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\da.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Rarotonga | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105234.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105320.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00610_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONTACTL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Inuvik | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\rt.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_delay_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup-impl.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\applet\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_srt_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotiondetect_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityReport.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_VelvetRose.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ONLINE.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\xjc.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\South_Georgia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.DesignTime.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-api.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00372_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pl.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Brunei | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_http_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libaom_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\WindowsPowerShell\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00172_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00673L.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OLKIRMV.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\en-US\DiagnosticsTap.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\3082\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\WIND.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Syowa | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\EXPEDITN.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00681_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGTOC.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\SynchronizationEula.rtf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdaremr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\speaker-32.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\view.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287020.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.REST.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\sbdrop.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RICHED20.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199549.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341636.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBOXES.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\BLENDS.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105496.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115865.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21318_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding_1.4.2.v20140729-1044.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN089.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\JUNGLE.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\perf_nt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-settings.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-visual.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\uninstall\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00671_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02201_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OCLTINT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14829_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Mail\oeimport.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107344.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02886_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02282_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301052.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterBold.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dubai | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\pdm.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\wmprph.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Northwind.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Media Player\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\security\local_policy.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\TestClose.i64 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00453_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02073_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSAEXP30.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Packages\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\D3DCompiler_47.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msdarem.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0195812.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\msproof7.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msado25.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME33.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\TURABIAN.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\directshowtap.ax | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Puerto_Rico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ARFR\MSB1ARFR.ITS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01166_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0280468.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02288_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1036\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\APPT.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\iedvtool.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\wlsrvc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\BCSLaunch.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-H | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187837.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Equity.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\id.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382926.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00555_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\be.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Adak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libdav1d_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00405_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301050.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\WHOOSH.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.rll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\DiagnosticsTap.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-3 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libaribcam_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153518.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RSSITEML.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02424_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01236_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Issues.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\BG_ADOBE.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PICSTYLES.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Media.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\ktab.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04385_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183574.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00918_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\wmpenc.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00200_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\LightSpirit.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Status.accft | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\cs.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Tahiti | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BUTTON.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\TWSTRUCT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\Atlantic\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\plugin-container.exe.sig | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\settings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR38F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BANNER.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Dushanbe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\AST4ADT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00103_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows NT\TableTextService\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Essential.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART2.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\EditSwitch.ppt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwasapi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa37.hyp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\Microsoft.Ink.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\OliveGreen.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\FUNCRES.XLAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7ES.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msador15.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\application.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7FR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\1 Right.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guyana | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\skin.dtd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Full.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\jfr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\keytool.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Kamchatka | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\UrbanFax.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.es\Proof.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00172_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Louisville | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvmstat.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+12 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-13 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdemuxdump_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103402.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBlankPage.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\QuizShow.potx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODEXL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00414_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14710_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149627.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\System\msadc\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105520.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Midway | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\js\common.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00127_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PRTF9.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kk.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\cpyr.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\OPHPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sr-spc.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\WMM2CLIP.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MLCFG32.CPL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PPTICO.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Cape_Verde | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\mpvis.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN065.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\currency.data | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Main.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Accessibility.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Kaliningrad | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\YST9YDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lt\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\mlib_image.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-9 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\LightSpirit.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.sfx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01548_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143752.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR12F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityLetter.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.Server.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Extensions\external_extensions.json | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\dcpr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Atlantic\South_Georgia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME49.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Darwin | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\SpeechEngines\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\en-US\eula.rtf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00172_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\SNEEZE.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\java.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Indiana\Marengo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14869_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsMacroTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIconsMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunjce_provider.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\rt3d.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01797_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msadcs.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21312_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\1 Top.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Miquelon | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Zurich | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\NOTE.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mscss7wre_en.dub | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\policytool.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ast\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\rtscom.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00260_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301252.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Prague | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00057_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_off.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBCALSO.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCARD11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285780.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Metro.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME39.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RESEND.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PPSLAX.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.c | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-charts.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\CAN.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrow.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid_over.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\REPTWIZ.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18184_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\TableTextService\en-US\TableTextService.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101863.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB01741L.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Pangnirtung | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\OPTINPS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01151_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14791_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Atlantic\Madeira | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02748G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GRINTL32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\QUERIES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ccme_base.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RECL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\HST10 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proofing.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00346_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\XLCPRTID.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\ssvagent.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Tallinn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\lgpllibs.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\InformationIconMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LTHDHM.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB02229_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multitabs.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\VERSION.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+11 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\firefox.VisualElementsManifest.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21518_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition.fdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarViewButtonImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_justify.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\awt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dhaka | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.actionProvider.exsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Chagos | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00943_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\APPTL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090781.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\librv32_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199423.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01154_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART9.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLNOTE.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Teal.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadomd.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\splash.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libaribsub_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01566_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Installed_schemas14.xss | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\STARTUP\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages_pt_BR.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Adobe\Updater6\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GROOVE_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\IPDSINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\Presentation Designs\Maple.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPOlive.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libinteger_mixer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115864.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENV11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00531_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187921.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382958.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02862_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\+NewSQLServerConnection.odc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\Triedit\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153095.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\play-background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\javaws.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Update\Download\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00019_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBRPH1.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00820_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageSlice.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Dublin | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ef8c08_256x240.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02028_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pt_PT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\ARROW.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\iedvtool.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Sofia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-execution.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\dt_socket.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Austin.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18229_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hong_Kong | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository_2.3.0.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\EXP_PDF.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\SWBELL.NET.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\playlist\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR14F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Swift_Current | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0235319.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SONORA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00165_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME53.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-progress.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libparam_eq_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\PhotoViewer.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00173_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\JAVA_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386120.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105328.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188679.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\CollectSignatures_Init.xsn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Payment Type.accft | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Cairo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00798_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLPERF.INI | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SETLANG.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00444_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoViewer.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-cli.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\javafx.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\crashreporter.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00965_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01923_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00468_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01563_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-uisupport.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\security\cacerts | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\en_GB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\liblogger_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0187423.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720_480shadow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_hu.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.p2.ui.overridden_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-actions.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\LICENSE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107308.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240811.profile.gz | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libd3d11va_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_es_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\pkeyconfig.companion.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_SlateBlue.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hu.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Kuching | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099168.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145810.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182898.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-previous-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\resources.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.resources_3.9.1.v20140825-1431.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Sitka | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_INIT.XSN | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02793_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR37F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormToolImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\bn.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCVDTUI.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OUTLACCT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00050_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02223U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macTSFrame.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\jce.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\SUMIPNTG.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\GWE.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\security\trusted.libraries | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\security\US_export_policy.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Almaty | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_de.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01063_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BCSClient.Msg.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATWIZ.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macHandle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKREQ.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\PHONE.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157191.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages_zh_HK.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15171_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24ImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_mac.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099149.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101858.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14768_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\EntityPicker.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXPTOOWS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignright.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Swift_Current | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\stream_out\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01168_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03205I.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Concourse.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Module.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\OmdBase.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_TW.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143743.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIconsMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanMergeFax.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\bg.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-output2.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195428.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Civic.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105360.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21375_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-1 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_is.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.HK.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\msdatasrc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Chihuahua | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-V | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIcons.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vienna | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400003.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Verve.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\libGLESv2.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Makassar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_off.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\System.AddIn.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Taipei | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\jhall-2.0_05.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Monrovia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115856.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Response.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MAPISHELL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\WidescreenPresentation.potx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\deploy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libscreen_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00513_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.Infopath.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\derby_common.bat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-attach.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\London | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14980_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielReport.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-1 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6CDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\SOCIALCONNECTORRES.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15134_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Defender\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmpnscfg.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.es\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\updater.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OMSSMS.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ERROR.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_extended.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ERROR.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\DEEPBLUE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107188.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237759.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\macroprogress.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\PMAILEXT.ECF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MDIParent.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\manifest.json | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\SLATE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01044_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01006_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSRTEDIT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Malta | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\VBE7.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Median.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Median.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\MP00646_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chatham | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\El_Salvador | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\keystore\libmemory_keystore_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00419_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107480.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ms.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\CST6CDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187825.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REC.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\libxml2.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libgain_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00669_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02126_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\ssv.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00190_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01750_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceDaYi.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hu.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Solstice.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher_1.1.0.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0229389.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MSTHED98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Wordconv.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libvod_rtsp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\NL7MODELS000C.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7EN.dub | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABMASK.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\topnav.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-explorer.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\RADIAL.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASK.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\bin\server\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpSvc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.CMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffd27a_256x240.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_id.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_increaseindent.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\dcpr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d11_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086426.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105288.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME40.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages_ja.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02791_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01299_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\uninstall\uninstall.log | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Modern.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ClassicPhotoAlbum.potx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18228_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_choosefont.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh89 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSSOAP30.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proofing.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0217698.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\ODBCR.SAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DISTLSTL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\management-agent.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libtransform_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Services\verisign.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341554.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLED.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\el\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdasc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0240157.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02567J.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Equity.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\OMSMMS.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\apt.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\System\ado\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATERMAR\WATERMAR.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215709.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Trek.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0157167.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01179J.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\about.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-4 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01572_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESPL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Abidjan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\pingsender.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198020.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\XLINTL32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00985_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099151.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\EXPLODE.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Creston | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.io_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pt_BR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106146.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\GRIPMASK.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\IPOLK.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UserControl.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jfr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Yellowknife | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01074_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00935_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21310_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDCAT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UCT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Istanbul | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\sidebar.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01931J.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\SignedManagedObjects.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.cpl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Internet Explorer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Adjacency.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Library\SOLVER\SOLVER32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01066_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18211_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\PublicFunctions.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libvpx_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\eBook.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\skin.catalog | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.BR.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityResume.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01635_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04191_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME14.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSPPT.OLB | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\NamedURLs.HxK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00413_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\RMNSQUE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18212_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OART.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Rothera | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Metlakatla | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdaenum.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\NOTEBOOK.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03224I.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21327_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Enderbury | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sa.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\video_filter\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107446.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382948.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL109.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234657.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libchorus_flanger_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBOB6.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Premium.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Antarctica\Vostok | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util-lookup.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Amsterdam | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01561_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OnLineBusy.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Oral | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297229.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00170_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\Microsoft.Synchronization.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Managua | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-BR.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01297_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Essential.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+4 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187647.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\en-US\wmpnssui.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Petersburg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0286068.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dataset.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.RSD | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\TRANSMGR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\StatusDoNotDisturb.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCD98SP.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Mozilla Maintenance Service\logs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Dialog.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14532_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Couture.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18257_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\dt.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\VERSION.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01013_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00046_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0230558.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine_64.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hovd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX9.x3d | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107364.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232171.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02069J.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zFM.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\msitss55.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\BG_ADOBE.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNote.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\TaxonomyControl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105912.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCD98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatializer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART5.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\SessionOwner.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Generic.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\kcms.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_nv12_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\penchs.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00052_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00932_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02261_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\+Connect to New Data Source.odc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pa-in.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ko.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsdt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Tunis | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Chicago | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099194.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086428.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Apothecary.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AD.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBREF.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\jawt.h | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WPEQU532.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\RADIAL.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\logger\libfile_logger_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387591.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdaps.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\CIEXYZ.pf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Ashgabat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libuleaddvaudio_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0300520.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\STSCOPY.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285820.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02208U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\glib-lite.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-6 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0228823.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00289_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSOSTYLE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\Accessories\en-US\wordpad.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CHECKER.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Antigua | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107502.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mauritius | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00010_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02373_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02214_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\PICTIM32.FLT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145895.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01160_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PRRTINST.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESNS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\VVIEWRES.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ADD.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Merida | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENFR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02127_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0292982.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libpanoramix_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00555_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\io.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ko.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kiritimati | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Vladivostok | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-10 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Composite.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0304933.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME38.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CONTACT.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\NVBELL.NET.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft SQL Server Compact Edition\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\chrome.VisualElementsManifest.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8PDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nss3.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmad_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Sync Framework\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Internet Explorer\SIGNUP\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libx264_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143746.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GRAPH_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.attributeTransformation.exsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEES.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OL.SAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CHECKBOX.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\visualization\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\BREEZE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00248_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02617_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\DataSet.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\npt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Antigua | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02298_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImage.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151061.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0234266.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\Media Renderer\connectionmanager_dmr.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Lagos | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00158_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00170_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\AccessibleHandler.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293570.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMaskSmall.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\StarterNotificationDescriptors.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\HST | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Templates\Genko_1.jtp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN01308_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBrowserUpgrade.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SLERROR.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\server\jvm.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Wake | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TextConv\Wks9Pxy.cnv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Tegucigalpa | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19828_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PNCTUATE.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\title.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03143I.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ms.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libwebvtt_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01170_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPICCAP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00163_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0136865.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00559_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\fonts\LucidaBrightRegular.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Windhoek | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105376.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Black Tie.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCDDSLM.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\System\msadc\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Monrovia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLENDS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Urban.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ta.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\AUTHZAX.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libmpg123_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\REFINED.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Pushpin.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285808.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10298_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\15x15dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Caracas | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Stanley | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceArray.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04235_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GREET11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBPAGE.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_display_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00017_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15301_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfoInternal.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01241_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WING2.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18219_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuching | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4ADT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\Catamarca | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\Ushuaia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialReport.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293828.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR38F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\VeriSignLogo.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\QP.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200183.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01472_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02227_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLLIBR.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPUNCT.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libcc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\wmpconfig.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00494_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Urban.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-coredump.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_150.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00256_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00361_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105238.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\BHOINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME01.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21364_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\FOLDER.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\management.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00057_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099204.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145669.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239079.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241781.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR14F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdasql.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_content-background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00557_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\msaccess.exe.manifest | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-keymap.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sampler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\EST5EDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\extensibility.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\chrome_proxy.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\en-US\Journal.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\ReadOutLoud.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18223_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.data\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-modules.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199755.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\TexturedBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZCARD.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_client.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\main_background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14984_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0217262.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00364_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\WindowsPowerShell\Modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOMessageProvider.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Apex.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Salta | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bogota | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00100_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086478.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14581_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_LightSpirit.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImageMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\accessibility.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\WindowsAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+8 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUI.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200467.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\adodb.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\MSBuild\Microsoft\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Porto_Velho | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0292152.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository_1.1.300.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Empty.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01080_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLow.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\DVDMaker.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libamem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304853.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh88 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EET | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04108_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\WMPDMC.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\management.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\RE00006_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21535_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Country.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\extensions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\BLUEPRNT.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239975.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\System\ado\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15275_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR19F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01357_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\BUTTON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONBttnOL.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Regina | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\uninstall.log | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00336_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\km\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215076.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382969.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\youtube.crx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-core-kit.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00693_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\doclib.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\javafx.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04174_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWS.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\Africa\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libhttp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR27F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\win32\jawt_md.h | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCDDSF.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rightnav.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FBIBLIO.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6EXT.OLB | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00397_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Process Library.fdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Media Player\Media Renderer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fur\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.en\Proof.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382957.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386764.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02417U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_imem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01680_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10264_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh87 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lord_Howe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\THOCRAPI.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183198.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\ACTIVITS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Xusage.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\WISC30.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107026.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02742G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\MAIL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\pack200.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libgestures_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\TexturedBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jabswitch.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.SYD | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02746G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21328_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBEMAIL.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sq\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msdaremr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Auckland | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libqsv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Trek.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Glace_Bay | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02441_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-snaptracer.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AXIS\AXIS.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00224_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLN.DOC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_on.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm_cmd.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00167_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01473_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21324_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\BUTTON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipscat.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145879.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00116_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN092.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-common.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21503_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REMOTE.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Iqaluit | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\mozavcodec.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01152_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-annotations-common.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\RECYCLE.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLY98SP.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\zh-TW.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185798.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsfin.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Prague | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\liblibmpeg2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\VGX\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hr.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Juneau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Amman | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME04.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OWSCLT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105530.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107042.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02398_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00192_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Class.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Defender\en-US\MpAsDesc.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\promointl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msdaprsr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0324694.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART13.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baghdad | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143754.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\WMPMediaSharing.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00135_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libskiptags_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152702.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\mpvis.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Adobe.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Buenos_Aires | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jaas_nt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00005_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107728.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287645.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\IMAGE.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosecolor.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME24.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR22F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIcon.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090777.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341439.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ashgabat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\meta_engine\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ALRTINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME12.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\GIGGLE.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN107.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\offset.ax | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-search.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00351_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187847.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.pb_2.3.5.v201404071733.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jvisualvm.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pyongyang | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02282_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Indian\Mauritius | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libbluescreen_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105396.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplateRTL.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boa_Vista | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Thule | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ckb\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\Audio-48.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmpnssci.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN02559_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormToolImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\LINEAR_RGB.pf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-common.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZX______.PFB | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Santo_Domingo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACEODBCI.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_SlateBlue.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Moscow | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01173_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD05119_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-tabcontrol.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZUSR12.ACCDU | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Managua | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\d3d9\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21314_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_underline.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guatemala | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00439_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01627_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01805_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.Infopath.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IE.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL058.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\LoginForm.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\firefox.exe.sig | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR28F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\POLICIES.FDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceArray.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Lisbon | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\NETWORK\NETWORK.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewDblClick.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02066_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_10.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\am\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Thawte Root Certificate.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00114_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285484.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\RPT2HTM4.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CNFNOT.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MIMEDIR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH00601G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Shades of Blue.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdate.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-core.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\JNWDRV.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10299_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_underline.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239973.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Origin.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sitka | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Gambier | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bn_IN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099174.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\GFX.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\OriginFax.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pt-br.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-options.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\OutAdd.raw | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmpnssui.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0305493.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OWSSUPP.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\preloaded_data.pb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\servertool.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceAmharic.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Technic.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Technic.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBLINK.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-awt.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\glib-lite.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00286_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\MCESidebarCtrl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107154.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL081.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\en-US\wmlaunch.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\libGLESv2.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0234376.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsound.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Volgograd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\jamendo.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLAPPTR.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\MSOSV.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00814_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lindeman | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Rainy_River | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\equalizer_window.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02407_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\ACT3.SAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfont.properties.ja | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jawt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099171.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107450.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\System\msadc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01395_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\BUZZ.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BS2BARB.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\sound.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\create_form.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.WIH | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03466_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01239_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services_1.1.0.v20140328-1925.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsvorepository_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02158_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21482_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBORDER.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN022.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\ShadesOfBlue.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ContactSelector.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1036\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\WHOOSH.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\de\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MsMpRes.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR40F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\LOCALDV.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105504.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.ID.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ta.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\eula.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\hxdsui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00195_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Grayscale.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jfxmedia.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\PIXEL.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02446_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CERT98SP.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\JOURNAL.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293234.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME54.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00130_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR19F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Manaus | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\fontconfig.properties.src | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_smem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AR.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBAR.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\SAMPLES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\es.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_play.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\settings.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msado26.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297749.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18193_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL104.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00038_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187819.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Adjacency.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Verve.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL001.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baku | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageStyle.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoCanary.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\MAPISHELL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00098_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\classlist | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\EXITEMS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands_0.10.2.v20140424-2344.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server-15.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\JavaAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\GreenBubbles.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02264_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18213_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\GKExcel.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Guadalcanal | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CARBN_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSWAVY.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0302953.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENFR\MSB1ENFR.ITS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107514.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageBlank.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\SHOT.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSOCFU.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-util-enumerations.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ach\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\npvlc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdatl3.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SAFRI_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Defender\MpAsDesc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178632.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02794_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nn.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00482_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0235241.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPORTS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDownArrow.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03668_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\Desktop\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Choibalsan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01560_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePageBlank.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\pdf.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBE7INTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00176_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107342.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15022_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\AUDIOSEARCHSAPIFE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BCSAutogen.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ja.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-windows.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Ho_Chi_Minh | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00078_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0250997.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Magadan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Templates\Seyes.jtp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\en-US\msaddsr.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107730.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME43.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jp2ssv.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\CASCADE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RMNSQUE\RMNSQUE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03257_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0281904.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Campo_Grande | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00068_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALENDAR.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\sonicsptransform.ax | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mousedown.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01046J.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00204_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18235_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\XLLEX.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sl.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\main.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-io-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\vocaroo.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\CoolType.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montreal | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02116_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Apothecary.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Cuiaba | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libcrystalhd_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosefont.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152708.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACEDAO.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-progress.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\XDPFile_8.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.rll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107264.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.mshtml.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Boise | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-common.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152722.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\Media Renderer\RenderingControl.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fi\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105600.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00720_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02045_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14691_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceYi.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099147.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00910_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macGrey.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multitabs.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\vcruntime140.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\STINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10301_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153313.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02578_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYBB.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\PublicFunctions.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ug.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\PhotoBase.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Temp\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\utilityfunctions.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEOLEDB.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_te.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libnetsync_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mp4_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Projects.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04384_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01179_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21309_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALSO98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\MST | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.lng | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01015_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL020.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATALOG.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ja.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20140512-1650.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART15.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\handsafe.reg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security_1.2.0.v20130424-1801.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-execution.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\winamp2.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Adelaide | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19827_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSGR3EN.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDREQ.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\content-types.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_avi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01954_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\VBAOWS10.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BS53BOXS.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libclone_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182689.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsVersion1Warning.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_65_ffffff_1x400.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\mux\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0148798.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pt.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Executive.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\AD98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Category.accft | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\libmosaic_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00810_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTVIEW.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATALOG.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\id\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02522_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIconMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-ui.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-views.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\WMPDMC.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bg.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSYUBIN7.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Start End Dates.accft | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lg\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft.NET\RedistList\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14756_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\bin\plugin2\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\SystemV\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00118_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\hprof.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241041.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PS9CRNRH.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_02.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03425I.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Recife | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Indian\Kerguelen | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeAUM_rootCert.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0213449.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301418.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115866.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\create_stream.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLV.DOC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libdrawable_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLWVW.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN081.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianReport.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\logger\libconsole_logger_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099177.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107316.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Medium.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Beirut | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libflaschen_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01065_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107456.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\EDGE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02040U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\PUSH.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00394_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00052_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01743_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTIT.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jmx.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00685_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21413_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00298_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299611.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-ui.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107496.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01191_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msadce.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105412.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CURRENCY.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\COMPASS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382954.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0387882.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Essential.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\TWCUTCHR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EVRGREEN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OSPP.VBS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\bin\dtplugin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\SyncResize.wax | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN011.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15135_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\fonts\LucidaSansRegular.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterBold.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09664_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143745.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\Accessible.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libdtv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Horizon.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Media Player\Icons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\CGMIMP32.FNT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_shmem.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VBA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02453_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293240.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ne.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Luxembourg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02413_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageScript.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ko\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\EURO\MSOEURO.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099200.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115868.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14830_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\GKWord.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME10.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.DE.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0234001.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_off.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107138.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ACCESS12.ACC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\StarterToolTemplates.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.STD | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msaddsr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB.DEV_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Elegant.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\Back-48.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmlaunch.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14538_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Monterrey | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\dummy.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\defaults\pref\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01253_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\TITLE.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281243.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\MENUS.JS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ru.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sampler.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Juan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libsmb_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\SoftBlue.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086420.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14514_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-coredump.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Access.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\Office64MUI.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01629_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01875_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196142.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME18.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfxrt.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Saipan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\management\jmxremote.access | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\VBHW6.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist_jstree.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Update\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400005.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEREP.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\ExtExport.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5EDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00670_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196364.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CATWIZ11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196110.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0233070.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OUTLVBA.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\removed-files | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\meta\art\01_googleimage.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PSRCHKEY.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvmstat.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Antarctica\Casey | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Lindeman | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\CASCADE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15185_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port-au-Prince | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382952.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\SalesReport.xltx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jp2launcher.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SKY\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02742U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7FR.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGATNGET.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Manaus | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Nicosia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zh_TW\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237336.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00034_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\EXSEC32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\core_visualvm.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Mexico_City | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zG.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_de_DE.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Panama | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-execution.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libts_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00543_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Sort\TAG.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageStyle.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateComRegisterShell64.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21296_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\bod_r.TTF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-api.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Indiana\Indianapolis | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\libremoteosd_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14529_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TextConv\MSCONV97.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178348.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Teal.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Winnipeg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238983.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Attachments.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Melbourne | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.CGM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\visualization\libprojectm_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04323_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00352_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CASHREG.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Qatar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\ink\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00141_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BRCHUR98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FORM98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\Synchronization.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-uihandler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00171_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304405.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10358_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTAREA.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Templates\Memo.jtp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SPRNG_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Defender\MpOAV.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Azores | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03236_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\1033\OFFICE10.MML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18247_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\jsdbgui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090149.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198712.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-options.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSOCF.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+3 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00454_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\DAO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01749_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME06.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\BOMB.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSWORD.OLB | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAClientPkg.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152882.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Indiana\Petersburg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\MST7MDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\PST8PDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Spelling.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ARCTIC\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Luis | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.json | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0178639.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7EN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Antarctica\Palmer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Riga | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\wlsrvc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSTORE.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\7-Zip\Lang\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145373.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145904.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01253_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libx265_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ONGuide.onepkg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Premium.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveNewsletter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\THEMES.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSACC.OLB | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\Groove Starter Template.xsn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBWZINT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Simferopol | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-plaf.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh88 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_dummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SAEXT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00373_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BCSStr32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00435_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageStyle.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayman | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-12 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielResume.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSTORES.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\co.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActionExceptionHandlers.exsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\flyout.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01618_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02757U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.PH.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\dt_shmem.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14801_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ENGLISH.LNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\DAO\dao360.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\en-US\ieinstal.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239953.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\StaticText.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-core-kit.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\security\java.policy | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.WW\Office64WW.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02053J.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Copenhagen | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdaorar.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.DEV_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FDATE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099161.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02074U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\XLCALL32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-execution.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\updater.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONFLICT.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSGR3ES.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-impl.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Dubai | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\CT_ROOTS.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_es.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Portable Devices\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL102.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\TWRECS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Wordcnv.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00040_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_center.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\IEContentService.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR18F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\external_extensions.json | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tunis | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\CLVWINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jayapura | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\d3d11\libdirect3d11_filters_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04326_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200611.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382938.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pe.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Opulent.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_disable.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RES98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fa.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\nb.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL016.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400001.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00444_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mn.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Juan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145361.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341344.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\Invite or Link.one | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLV.XLS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01745_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FRENCH.LNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_100_eeeeee_1x100.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_dummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00267_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SUMER_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPreviewTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\en-US\Sidebar.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309567.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Perth | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\libEGL.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0150150.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0296277.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14795_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\OrielMergeFax.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\visualization\libglspectrum_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\main.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02437_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0102984.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPreviewTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\wsimport.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-applemenu.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Cayman | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libdcp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\fxplugins.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACEWSTR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR27F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSACCESS.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\az.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Small_News.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Campo_Grande | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\Whistling.wav | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Monticello | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Lord_Howe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\1033\CAGCAT10.MML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SUBMIT.JS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\java.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\reflow.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Currie | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_228ef1_256x240.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\tzmappings | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+5 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-io.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\SuspendStart.dwg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\JdbcOdbc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00586_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYBB.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pontianak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01174_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00369_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\PACBELL.NET.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianMergeLetter.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsrus.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Port_of_Spain | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Santarem | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Technic.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\prism-d3d.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.HOL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOffMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\WSS\1100.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00790_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153508.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15060_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Document.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\GB.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Doc.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\FLASH.NET.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-8 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0106222.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01568_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Executive.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN102.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21377_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099185.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0215086.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\INVITE11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia_Banderas | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\af\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00726_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR24F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSOCFUIUTILITIESDLL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiItalic.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\pack200.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.THD | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099176.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sa.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2iexp.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsharpen_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Google\Temp\GUMBFA6.tmp\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0183172.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\sbdrop.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vincennes | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcanvas_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mshwLatin.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\rtstreamsink.ax | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-nodes.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ProjectStatusReport.potx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Atikokan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\La_Paz | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\management\jmxremote.password.template | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR21F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.HK.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\PST8PDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18241_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\SecretST.TTF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\java_crw_demo.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02054_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.chm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02088_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01474_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Jakarta | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Menominee | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+1 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libadpcm_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL011.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Tags.accft | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_pt_BR.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0294991.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-utilities.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00186_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\liveleak.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\authplay.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\IACOM2.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24Images.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_pressed.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows NT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nl.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00956_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Oriel.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\GostName.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\ONLNTCOMLIB.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mousedown.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00148_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericon.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBAD.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf_3.4.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Halifax | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\setup_wm.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01058_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MUAUTH.CAB | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099165.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.policy | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-progress-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIconsMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21344_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.inject_1.0.0.v20091030.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\zi\Europe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_autodel_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\librotate_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\7-Zip\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SNIPE.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\WWLIB.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REPORTL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Tucuman | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jsound.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ViewerPS.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR21F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OneNoteSyncPCIntl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1665.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199307.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14845_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105388.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0315447.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\javaws.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\hxdsui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099146.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239943.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicTSFrame.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01169_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105332.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Adjacency.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0202045.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Module.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Metlakatla | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+2 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\OFFREL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\POWERPNT.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImage.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Mail\wab.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Yekaterinburg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Publisher.en-us\PublisherMUI.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099198.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02263_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME35.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\pop3.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application-views.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Guayaquil | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287644.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00255_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02439_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Scene_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libtimecode_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libt140_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\StopIconMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FLYER98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Zaporozhye | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.ths | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152898.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00478_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImage.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplateRTL.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Brisbane | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\INFOMAIL.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Training.potx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AssemblyInfoInternal.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-9 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Hebron | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\he.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\RIPPLE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMIMES.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN020.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341475.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14867_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-cli.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\fonts\LucidaBrightItalic.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\SPRING.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00076_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieLetter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-loaders.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nb\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212661.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL054.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03339_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN048.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105386.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SHOW_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_ca.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\en-US\WMM2CLIP.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Galapagos | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Wallis | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CRANE.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00487_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00768_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Photo Viewer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152622.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-compat.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Kuala_Lumpur | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198226.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02028K.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\INVITE.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02270_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\javah.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00013_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Cocos | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Makassar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099196.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsVersion1Warning.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ca.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-uihandler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\SATIN.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECURL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN082.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\MedianResume.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-favorites.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Panama | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\mobile.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00270_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_italic.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Urumqi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313965.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00934_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUB6INTL.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\wab32.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Costa_Rica | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\install.log | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\DW\DW20.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103850.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN002.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00525_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBORDER.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dts_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_setid_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\CLNTWRAP.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\DADSHIRT.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\jvmti.h | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multitabs.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Bishkek | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02263_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPISHELLR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_it.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\diagnostic-command-16.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\spu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD19988_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\charsets.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+2 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OnLineIdle.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\WSS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tongatapu | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ga\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\Accessories\wordpad.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00211_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01084_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086424.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIconsMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\NL7MODELS000A.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\iediagcmd.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.metadata.repository.prefs | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-lib-uihandler.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198102.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Moncton | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\jni.h | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cancun | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui_3.106.0.v20140812-1751.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152570.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02125_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\hxdsui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\WATER.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqloledb.rll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199036.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDRESN.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\sawindbg.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pohnpei | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Aspect.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_block_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msadomd28.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21435_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadds.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jsoundds.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\minidump-analyzer.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\Documentation.url | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01157_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\instrument.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\codec\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00532_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_MediumMAsk.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\en-US\jsdbgui.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01356_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\EXPEDITN.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\INLAUNCH.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00546_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384885.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Ojinaga | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Dawson_Creek | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Journal\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\GKPowerPoint.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\QP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\ALERT.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.xml_1.3.4.v201005080400.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsImageTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN027.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\javafxpackager.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-2 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\modules\simplexml.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153302.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Thatch.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECRECL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL078.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tirane | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Gaza | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+4 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.EPS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_over.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows NT\TableTextService\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00273_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0222015.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15276_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ENGDIC.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_globalstyle.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\BLUECALM.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Clarity.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\AUTHZAX.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PAPERS.INI | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00261_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241037.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Palau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\README.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00018_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN090.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Contacts.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryResume.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jmx.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\drive.crx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Gibraltar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\AdjacencyResume.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Analysis Services\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0300912.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MsMpLics.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232797.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PRRT.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14844_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Adobe.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Dublin | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103058.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNote-PipelineConfig.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.UK.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD10972_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\CodeFile.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.Infopath.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageSmall.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceoledb35.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105272.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18226_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\gmail.crx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\CONCRETE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0281640.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00723_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\klist.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Thunder_Bay | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\vdk150.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\Xlate_Complete.xsn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\BUTTON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-charts.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\setup.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\LICENSE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107750.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageBlank.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\InfoPath.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00105_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145707.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00734_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\favicon.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18250_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\WMPNSSUI.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153047.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Client.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\axvlc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\attention.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0160590.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0278882.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\InkObj.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14539_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN044.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Colombo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\javafx-font.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00441_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00712_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\form_edit.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BS4BOXES.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGREPFRM.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\THIRDPARTYLICENSEREADME.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199475.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ERROR.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\gfserrortogroove.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jar.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxmedia.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Library\EUROTOOL.XLAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL012.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Indian\Christmas | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01176_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186362.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libvcd_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierCloseButton.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.command_0.10.0.v201209301215.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\XLINTL32.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\FAXEXT.ECF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\IEShims.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CST6CDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\STSLIST.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADVCMP.DIC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\CST6 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CUPINST.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImage.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Budapest | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\modules\host.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\OrangeCircles.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386267.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL096.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01163_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196060.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239941.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_08.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN097.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\powerpnt.exe.manifest | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.aup | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_it.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Solstice.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Formal.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-synch-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105588.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE06450_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKDECL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_pressed.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\cs.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Perth | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations_2.4.0.v20131119-0908.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-threaddump.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107708.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\REVERSE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR42F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Framework\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libfingerprinter_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB5B.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\visualization\libvisual_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186360.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00438_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Maroon.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\SUCTION.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libvmem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ADO210.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Uninstall.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\appletviewer.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR13F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.JP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-api.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185806.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBHD.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Photo Viewer\PhotoAcq.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\STUDIO.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Noumea | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099160.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DVDHM.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099178.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21307_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCHDRESP.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\libEGL.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00010_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21302_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKREQL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrowMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\ConnectionManager.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBRPH2.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\86.0.4240.111_chrome_installer.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolui100.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0282932.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02094_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\ant-javafx.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Colombo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14513_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\NL7Data0011.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbynet.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Melbourne | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Edmonton | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CSS7DATA0009.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\LAUNCH.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01292_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\BCSAddin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00117_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107090.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239057.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00330_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PICTPH.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-spi-actions.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Santa_Isabel | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15020_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN001.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FEZIP.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21323_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\BUTTON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Creston | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OUTLCTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\omni.ja | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00462_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIconsMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_High.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\contbig.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Brunei | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0171685.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00095_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Apex.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\jsprofilerui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Photo Viewer\en-US\ImagingDevices.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Nome | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ENVELOPE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mset7jp.kic | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187863.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00726_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\it.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.conf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Dawson | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\misc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01060_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows NT\Accessories\WordpadFilter.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\WindowsPowerShell\Configuration\Schema\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msadcor.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00015_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107182.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.IN.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santiago | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\NOTEL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL097.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\management\management.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ENES\MSB1ENES.ITS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART1.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft.NET\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\WindowsPowerShell\Configuration\Registration\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00438_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\ext\access-bridge-64.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\eu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libimem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0335112.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\SEAMARBL.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24Images.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\docs.crx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-TW.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\VelvetRose.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBAR.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Helsinki | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CLIP.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21331_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CSS7DATA000A.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-api.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_bullets.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginLetter.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Volgograd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00453_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00633_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\DADSHIRT.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\security\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\js\ui.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL105.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Data1.cab | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Flow.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Earthy.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Portable Devices\sqmapi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04195_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Photo Viewer\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libntservice_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00525_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00232_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-process-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\StatusAway.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SOCIALPROVIDER.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\TexturedBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado15.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\audiodepthconverter.ax | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\management\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_copy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02313_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\BloodPressureTracker.xltx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thunder_Bay | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_gather_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.fr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\CONCRETE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00902_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\rockbox_fm_presets.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.swf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14755_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR16F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\db\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\UCT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10219_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImageMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107146.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OLMAPI32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME55.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fy.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tashkent | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PDDom.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115863.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\attention.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Users.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\meta-index | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt_0.12.1.v20140903-1023.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator_1.1.0.v20131217-1203.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15073_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Hardcover.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKDECS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287642.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mset7db.kic | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jmx.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00157_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Median.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10255_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-heapdump.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151067.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18243_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\DirectDB.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ADD.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadox.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmpnetwk.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\VisioCustom.propdesc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\1033\FPEXT.MSG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\booklist.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mac.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Khartoum | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mai\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zh_CN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00932_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Angles.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\CALENDAR.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mset7es.kic | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME07.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\IPIRM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLADDR.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_concat_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Journal\Templates\Genko_2.jtp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0321179.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\CANYON.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Metro.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14580_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\POSTL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WORDREP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Tripoli | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02439_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21433_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\NL7MODELS0009.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\lua\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcfr.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\networkinspection.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21400_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\travel.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Status Report.fdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages_sv.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\plugins.dat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kab.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00612_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Macau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293238.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\uk.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OUTLFLTR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\MSClientDataMgr\MSCDM.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mr.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages_zh_CN.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Bangkok | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\ZoneInfoMappings | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101857.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Elemental.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\ie9props.propdesc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\sRGB.pf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_fdf5ce_1x400.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MSASCui.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.common_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Santiago | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageSlice.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\ucrtbase.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\MakeAccessible.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\descript.ion | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02161_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0177806.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Winnipeg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00142_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00160_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00392_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\ICE.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\London | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\logging.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0292278.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Norfolk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00012_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Concourse.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santa_Isabel | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\icon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18230_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SMSL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Media Player\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\README-JDK.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00932_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107158.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0150861.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099202.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\DLGSETP.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\rjmx.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libvdummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08773_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\SDK\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_bullets.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\ATPVBAEN.XLAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099166.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME36.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIcons.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CA.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\hwrenclm.dat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SCHOL_02.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00014_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART14.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00466_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SIGN.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\ext\meta-index | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CSD | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Apothecary.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImages16x16.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18224_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Reykjavik | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Guam | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ml\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105506.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0294989.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\artifacts.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Hermosillo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Sakhalin | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\platform.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\resources\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\LAUNCH.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.events_3.0.0.draft20060413_v201105210656.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01139_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01293_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00212_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\AUTOSHAP.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15059_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\access-bridge-64.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\resources.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-explorer.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\jpeg.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Indian\Mahe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00155_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151581.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR37F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\CircleSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\schemagen.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACERECR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00268_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00116_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\gstreamer-lite.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Grand_Turk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\MSB1XTOR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0149118.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\BTOPENWORLD.COM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ApothecaryMergeLetter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\DiagnosticsHub_is.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14654_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPIR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSPUB_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0300840.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo.bat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Media Renderer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04117_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152626.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\freebl3.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_decreaseindent.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Adobe.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PS2SWOOS.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\EquityFax.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0186364.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18255_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099162.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10267_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-applemenu.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-templates.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Chuuk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\ACTIVITL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIDBAR98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app_1.0.300.v20140228-1829.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-util-enumerations.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN02724_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099155.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\connectionmanager_dmr.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATE.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaprsr.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02093_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02368_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0251925.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\AccessWeb\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\WMPMediaSharing.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Temp\GUMBFA6.tmp\GoogleUpdateSetup.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107254.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Urban.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fa.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02097_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\cmm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-uihandler.xml_hidden | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\hxdsui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\skchobj.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\ECLIPSE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02166_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kolkata | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01368_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECREC.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-remote.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\meta\art\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE01661_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14870_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OISAPP.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Things\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0309920.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Half.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\ED00184_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WSIDBR98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Aspect.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belem | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297725.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03464_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Marquesas | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153516.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0384900.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0183290.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\WARN.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7EN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALHM.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+5 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107494.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLJRNLR.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDCNCLS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImagesMask256Colors.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\include\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7Handle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Indian\Reunion | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OSETUP.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\AUDIOSEARCHLTS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libsapi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\HandPrints.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\Install\{ED12A50C-ADCB-4FB6-B0B7-713544A9D99B}\CR_EB8C7.tmp\setup.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BLANK.ONE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212299.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0301044.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LINE.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_gtk.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105368.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301076.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21342_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-charts.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196358.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200289.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_pressed.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB6.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\InkWatson.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\iedvtool.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241019.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00011_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GRLEX.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Tarawa | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0282928.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\az\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\br\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmpnssci.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21370_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\db\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Country.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PULQOT98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\RTFHTML.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\tesselate.x3d | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0299763.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLJRNL.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_LightSpirit.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\COUPON.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\ENUtxt.pdf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\System\msadc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssv.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01361_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21322_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01575_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\kk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\1033\Mso Example Intl Setup File B.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEEXCH.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\Presentation Designs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\ISO690.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\LATIN1.SHP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\jsse.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\kinit.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\DMR_120.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00208_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WHIRL2.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WPFT632.CNV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099152.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099170.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL002.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\86.0.4240.111.manifest | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es-419.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00194_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105378.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01161_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\STUBBY2.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\eventlog_provider.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Skins\Revert.wmz | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SettingsInternal.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01866_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00272_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18181_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME02.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Omsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS01634_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7MDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\it\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00157_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\MSInfo\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Reference Assemblies\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0179963.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02265_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105380.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0183328.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CDLMSO.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libadaptive_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.HLP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CG1606.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152894.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200189.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN095.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\hwruklm.dat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\ieinstal.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297727.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386485.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OMSINTL.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\COMPUTER.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\en-US.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.json | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\meta\art\02_frenchtv.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsMacroTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Solstice.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\LINES.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\cacerts | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\co\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\sd\icecast.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18217_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\ZoneInfoMappings | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\DESIGNER\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0238927.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Paris | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Baku | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00129_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Bogota | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Oslo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGREPFRM.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\Notebook03.onepkg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\F12Resources.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Chisinau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_realrtsp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\logsession.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.ES.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZDAT12.ACCDU | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCWIZ\ACWZTOOL.ACCDE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\alt-rt.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUEPRNT\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0172035.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15132_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB11.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\OriginMergeFax.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hi\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0252669.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00014_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02412K.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00792_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149481.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\servertool.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Indianapolis | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libpva_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\CGMIMP32.FLT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateBroker.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Antarctica\Rothera | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00388_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00132_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jpeg.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239967.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Uzhgorod | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152594.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\win32\jni_md.h | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14531_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL027.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nassau | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341557.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Civic.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sampler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdater.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msdaprst.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\REMOTES.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\jsdebuggeride.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\status.json | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\text_renderer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01252_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\meta-index | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Niue | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00276_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\CALENDAR.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsColorChart.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-output2.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153091.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00531L.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297707.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsColorChart.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Casual.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-cn.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\Accra | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\es\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00914_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152590.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL075.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Guyana | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\keystore\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105638.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14655_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORM.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ICE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\MSMAPI\1033\MSMAPI32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdaorar.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\builtincontrolsschema.xsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\ParentMenuButtonIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\iexplore.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Paris | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Tabs.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107482.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00395_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\boot.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\EXP_XPS.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SIGNS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB3B.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MUOPTIN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341534.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\System\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado27.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services_3.4.0.v20140312-2051.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Singapore | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PROPLUS\ProPlusWW.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OFFLINE.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.InfoPath.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\JAWTAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01041_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\NAMEEXT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00145_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0390072.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\XOCR3.PSP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21304_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\GostTitle.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\JdbcOdbc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01586_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107302.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01905_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15169_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RSSITEMS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBlankPage.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-6 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BLUECALM\BLUECALM.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00737_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\lt.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099148.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212601.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tarawa | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00018_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUCRES.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImagesMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Name.accft | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103812.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_center.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\MCABOUT.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00161_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107262.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\LEVEL.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.JS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-annotations-common.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\liboggspots_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Groove.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WPFT532.CNV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_03.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18225_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\logging.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_livehttp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSO0127.ACL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.bat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\El_Aaiun | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\SLATE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0182902.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-progress-ui.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\jfr\default.jfc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OUTEX.ECF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Gaza | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\Accessories\WordpadFilter.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\AFTRNOON.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\VSTARemotingServer.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_GreenTea.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\DataMatrix.pmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PIXEL\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01330_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PPINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\IA2Marshal.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\demux\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152878.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0237228.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEWBY.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21300_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232395.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212219.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mscss7fr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialResume.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\cmm\LINEAR_RGB.pf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DOC.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\verify.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00126_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\OFFICE10.MMW | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00688_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0318448.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tripoli | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00459_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341455.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14595_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15156_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Casual.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Premium.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Apothecary.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\CollectSignatures_Sign.xsn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7FR.dub | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.exe.sig | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\settings.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\utilityfunctions.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPreviewTemplate.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yakutsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-remote.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\extensions\VLSub.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00523_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00882_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0233018.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02252_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR41F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mk.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp_3.6.300.v20140407-1855.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\hrtfs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\header.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\F12.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\SystemV\AST4 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\meta\reader\filename.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241043.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\ext\sunec.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmprph.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01852_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00563_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.msi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Form.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Tijuana | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15272_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21348_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105390.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00780L.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Pine_Lumber.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_mosaic_bridge_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGBOXES.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\leftnav.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0291794.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21423_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10289_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7ES.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\decora-sse.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh89 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01183_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00367_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPAPERS.INI | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\JSProfilerCore.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.registry_3.5.400.v20140428-1507.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SEARCH.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\SY______.PFM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099199.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIcons.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\TWCUTLIN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Bucharest | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0297269.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02009_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0088542.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\subscription.xsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Argentina\Tucuman | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHigh.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libtcp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02503U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AU.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\gfserrorfromgroove.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONWordAddin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\cy.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wallis | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPICCAP.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\resources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng2.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\en-US\wab32res.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Elemental.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15273_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\skchui.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00668_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSRETRO.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02268_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\CHIMES.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-core.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\ActionsPane3.xsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanReport.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.dll.sig | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SOCIALCONNECTOR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Los_Angeles | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198494.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Couture.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ho_Chi_Minh | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\orbd.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02386_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01462_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115844.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsdeu.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\images\cursors\cursors.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\logger\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00217_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ba.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200151.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216112.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Maceio | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\koreus.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382836.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoBeta.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382925.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18256_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Adak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sk.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01268_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\macroprogress.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\DataType\Priority.accft | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143749.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MENU.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pt_BR.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Blanc-Sablon | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21339_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEMANAGED.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00058_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Library\SOLVER\SOLVER.XLAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoAcq.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\libxslt.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwLatin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\FM20.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00443_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PSTPRX32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor_1.0.300.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00448_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\images\bing.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\OCEAN_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SegoeChess.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\WATER.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\sqmapi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_TexturedBlue.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-print.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\COMBOBOX.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBCONV.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\webbase.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\content-types.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Atlantic\Faroe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libwgl_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BOATINST.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216612.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382959.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15302_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Casual.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-1.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libnfs_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\JPEGIM32.FLT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341645.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.stdformat.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-spi-actions.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msado15.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Newsprint.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Library\Analysis\ANALYS32.XLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\TYPE.WAV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Belize | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mousedown.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\en-US\F12Tools.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALSO11.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\en-GB.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Groove.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04369_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18203_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\APPTS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mscss7cm_en.dub | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro_3.4.200.v20130326-1254.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Antarctica\Davis | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0145168.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BCSRuntime.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00640_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yakutat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-startup.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\cmm\CIEXYZ.pf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT-2 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02270_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\ISO690Nmerical.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\NL7Lexicons0011.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pt-PT.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Newsprint.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18245_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Kabul | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.fr\Proof.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105974.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153093.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01237_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18239_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench_1.2.1.v20140901-1244.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00526_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199429.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00685_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGLOGO.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jmc.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD07761_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_VelvetRose.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Brussels | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libttml_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01238_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\INFOMS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-lookup.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\IRIS.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\OLTASK.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SECURS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.runtime_3.10.0.v20140318-2214.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\PhotoAcq.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BZCARDHM.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\WMPNSSUI.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BS00076_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199661.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ky.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Nairobi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\net.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\psfont.properties.ja | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\RestoreEnter.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\RIPPLE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21398_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0290548.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Casey | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0216600.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsoundds.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Help\ITIRCL55.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSDecWrp.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00921_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105246.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00911_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libextract_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01421_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00246_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MOR6INT.REST.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\QUIKPUBS.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\New_Skins.url | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB9.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\RSPMECH.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Yakutsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0301480.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guayaquil | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\Timeline_is.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\REFINED\REFINED.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18215_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02291U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00683_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0175361.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02025_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLOOK_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_TexturedBlue.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TipsImage.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\bn.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\micaut.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSWDS_EN.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\MS.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\1033\STINTL.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\F12Tools.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\t2k.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\MSOHTMED.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\RevokeSync.cfg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\System\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10265_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\HEADING.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\accessibility.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EDGE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195320.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\LEVEL\LEVEL.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CLASSIC1.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tr.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\MediaReceiverRegistrar.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RSSITEM.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_justify.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPTSFrame.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-queries.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Pyongyang | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02752G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0291984.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-io-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSSOAPR3.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\MSB1ESEN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_disable.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.bat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH03014_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01366_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02950_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02845G.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Newsprint.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sk.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Pushpin.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN105.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\splash.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libcaca_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\IRIS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Country.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21505_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD15155_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_TW.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\MST7MDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\OneNote.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Mail\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Irkutsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icudt36.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107712.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1033\MSGR3EN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107528.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSSKETSM.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHighMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02790_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\DefaultBlackAndWhite.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\Timeline.cpu.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fiji | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\System\Ole DB\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_nl.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0212751.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST7MDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe AIR\sentinel | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00513_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\3082\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uk.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\OmdProject.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Catamarca | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Lima | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Bougainville | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Australia\Eucla | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\EURO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_OliveGreen.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SLATE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00343_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Waveform.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\javaw.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.CN.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGTOC.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Whitehorse | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\defaults\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\ESEN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0187835.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00833_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Glace_Bay | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\WMPDMC.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STRTEDGE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00084_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Horizon.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts2.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN058.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\NOTEBOOK.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\SIGNUP\install.ins | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107024.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287643.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sv.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD00146_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Concourse.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\resources\1033\Synchronization.rll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qatar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-services.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08868_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-core-kit.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_Loading.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\InkDiv.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115840.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\SIST02.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.jetty_3.0.200.v20131021-1843.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-uisupport.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04355_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0093905.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\browser\features\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Hong_Kong | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\ct.sym | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RIPPLE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0241077.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Detroit | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ahclient.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.JP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Windhoek | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libtdummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFPrevHndlr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SIGNL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\attention.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL107.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PPINTL.DLL.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-execution.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099180.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107722.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0211949.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18204_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VS_ComponentSigningIntermediate.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewFrame.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Mozilla Maintenance Service\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\modules\sandbox.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00297_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BORDERS\MSART10.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIcons.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.TLB | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\TWORIENT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Rio_Branco | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.api | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0149887.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Earthy.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BCSClientManifest.man | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\LICENSE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\DiagnosticsTap.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Indiana\Tell_City | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\browse_window.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL095.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Track Issues.fdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Maroon.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\El_Aaiun | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\COPYRIGHT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\System\MSMAPI\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02296_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Pitchbook.potx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01216_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\Triedit\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861261279.profile.gz | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\ADMPlugin.apl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN00853_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.config | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBrowserUpgrade.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00120_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01172_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0196354.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\DELIMDOS.FAE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01631_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00636_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\ext\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\index.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\flyout_background.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\license.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152432.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Services\verisign.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\Xlate_Init.xsn | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\SPRING.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03241_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\License.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_100_percent.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromecast_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\SLINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02753U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21534_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101859.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0215070.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD10308_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Premium.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Montreal | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02141_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21340_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADVTEL.DIC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libinflate_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\MTEXTRA.TTF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_iw.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BOAT.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00808_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR40F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01630_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01461_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Response.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\PLANNERS.ONE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Verve.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Hardcover.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\BREEZE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrow.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\ielowutil.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_mr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0296279.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Waveform.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.VN.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\.lastModified | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0332364.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.Office.BusinessData.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\ext\dnsns.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\PNG32.FLT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\MSODCW.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\SEQCHK10.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-phonetic.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Clarity.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0297185.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR10F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SAVE.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\mc.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmlaunch.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGM.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\STOCKS.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0285444.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\ENV98SP.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Tokyo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN01218_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01658_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099197.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00231_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBHOME.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ExecutiveMergeLetter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RICEPAPR\RICEPAPR.ELM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABEL.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\management.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\about.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Majuro | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME31.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libripple_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH01015_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL110.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\BCSRuntimeRes.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\server\Xusage.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\README.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BOLDSTRI\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\ECHO.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Oriel.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WITHCOMP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Blog.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\GRAY.pf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Marengo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\GRPHFLT\CGMIMP32.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE06049_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR23F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\pipres.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0279644.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoDev.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_wav_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PROFILE\PROFILE.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL01040_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cambridge_Bay | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\MET | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\SendPop.ex_ | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\main.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AboutBox.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Choibalsan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\el.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gu.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR24F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\SpeechEngines\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Goose_Bay | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Andorra | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14985_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\tools.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\buttons.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ogg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00265_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Tasks.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sr.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00345_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21299_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tehran | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01468_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\EssentialMergeLetter.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpuzzle_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\XMLSDK5.CHM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD00544_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH02155_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\LoginDialogBackground.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\WSS_DocLib.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME47.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR13F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\SetupMetrics\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\toc.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ks_IN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\README.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0232795.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0400004.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00694_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21519_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDCNCLL.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIcons.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CONCRETE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-PT.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\en-US\networkinspection.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10337_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\classfile_constants.h | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\ResizeMove.sql | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libheadphone_channel_mixer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18190_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignleft.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\NOTES.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_underline.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\lv.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00320_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Clarity.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MOR6INT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLN.XLS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ku.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yekaterinburg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239063.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304875.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00389_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\History.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sampler.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\PAWPRINT.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-progress.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdate.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\ODeploy.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02267_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\nl.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgePackages.h | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01245_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGDOTS.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0151045.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\System\ado\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\Parity.fx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yerevan | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Indiana\Knox | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Origin.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench_1.1.0.v20140512-1820.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Vancouver | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpCmdRun.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21512_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BCSLaunch.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Class.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0295069.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\IpsPlugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\as_IN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEDAO.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_et.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME-JAVAFX.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME51.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\GRAPH.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Maceio | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\EN00202_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02024_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityMergeLetter.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jhat.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\EXPEDITN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR33F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\Welcome.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Minsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Internet Explorer\ielowutil.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00255_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME44.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\currency.data | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\CHICAGO.XSL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hardware Tracker.fdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-text.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN02122_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\1033\OLR.SAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\EMABLT32.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18209_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jmc.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\DESIGNER\MSADDNDR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0200383.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00629_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04225_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09031_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105846.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer_3.2.200.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0103262.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SL00308_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR17F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nssckbi.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpClient.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00648_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD02153_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02085_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\attention.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00390_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\CONVERT\ODBC.SAM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSHY7EN.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\TECHTOOL.HTM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.SqlServerCe.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdaprsr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCallbacks.h | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages_it.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\psfontj2d.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TipsImageMask.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+8 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Anchorage | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Beige.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Country.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21320_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Media Player\en-US\WMPMediaSharing.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSGR3FR.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABEL.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\bin\ij | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sampler.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY01590_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME15.CSS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ceuta | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\precomplete | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0086432.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02009_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\conticon.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_asf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Traditional.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\th\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BABY_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0239191.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14794_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_VelvetRose.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Packages\Debugger\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ar.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Monticello | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\smtp.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-ui.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\profilerinterface.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00178_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\EquityMergeFax.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.Adapter.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\INLAUNCH.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BROCHURE.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\mobile.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECHO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21330_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-visual.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\kn.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\VGX\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LOGO98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\asl-v20.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-windows.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\FDFFile_8.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01140_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Public_Primary_CA.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewFrame.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OUTGOING.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PARNT_07.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21319_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Madeira | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiling.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Antarctica\Troll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\desktop.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\EXITEM.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\BIZCARD.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Runtime\x86\FeedSync.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Indian\Maldives | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSVCR71.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition - Customized.fdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00402_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115841.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\Filters\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-snaptracer.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.WW\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099203.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\WinMail.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02369_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Tasks.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SY00110_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01294_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\RECS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Manila | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDRESPS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OCRVC.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ONPPTAddin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bg\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ka\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18237_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\SIGN.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msxactps.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_ja.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SUMIPNTG\SUMIPNTG.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0090779.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Knox | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00494_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\MedianFax.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\SCDREQS.ICO | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_70.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Skins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\ado\msadox28.tlb | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_SlateBlue.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\WEBHED98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\OTKLOADR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Araguaina | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ky\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_th.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGZIP.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadcfr.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_description_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Code_Signing_2001-4_CA.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGLBL083.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\bg_Groove.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Graph.exe.manifest | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\HideRemove.inf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bangkok | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\cmm\PYCC.pf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\FPLACE.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105414.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.rcp_4.3.100.v20141007-2301.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBlankPage.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185842.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18205_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\PLUS.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Maldives | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107526.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PROTTPLN.PPT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\nio.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\uninstall\helper.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradfun_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ja.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01191_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Noumea | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGZIPC.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\he\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01848_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0293236.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolIcons\OutSyncPC.ico | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieResume.dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\MSBuild\Microsoft.Office.InfoPath.targets | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\es-419.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21366_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\J0115855.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIcon.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SPRING\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-attach.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02413_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WNTER_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\liboldmovie_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmpconfig.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jinfo.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chuuk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\vlm.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\skins\fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\FS3BOX.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0285792.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH00780U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TR00006_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18185_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107512.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE03795_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01265U.BMP | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.JS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libdxva2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107148.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_COL.HXT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Components\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\JNGLE_01.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02389_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\security\java.security | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\youtube.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ACEINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00174_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CRANINST.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\Executive.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBCOLOR.SCM | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\background.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libvnc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00116_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FINCL_02.MID | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0198447.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18200_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.SE.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\new-trigger-wiz.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152696.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLWVW.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5\sqlceer35EN.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kaa.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.http_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_choosecolor.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCOUPON.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Stationery\1033\PINELUMB.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_socket.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Beirut | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mn\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE02262_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGPQUOT.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LINEACT.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\mobile_equalizer.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.JS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Bougainville | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Esl\AiodLite.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Assets.accdt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotionblur_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\WATER\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD06102_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099205.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0153307.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH01239K.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgrain_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\PROPLUS\SETUP.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199469.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\amd64\jvm.cfg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ia\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0188511.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21390_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\JP2KLib.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Budapest | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Apia | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libremap_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\DMR_120.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImages.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsDoNotTrust.html | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\mset7fr.kic | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IT.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\WORDICON.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_da.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105526.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\New_Salem | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-settings.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\deploy\messages_zh_TW.properties | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Honolulu | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0199727.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\drag.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+1 | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0185670.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\zip.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME-JAVAFX.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradient_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15274_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00704_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Stationery\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffffff_256x240.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_wasapi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01145_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\STSLIST.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\LISTS\1033\TIME.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD08808_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00807_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\PRODIGY.NET.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\HEADER.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ACCICONS.EXE | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zCon.sfx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00915_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA01358_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSSP7ES.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DOTS.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kiev | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-print.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcroppadd_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port_of_Spain | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-api-caching.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libspdif_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\OUTLBAR.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\groove.net\Components\SignedComponents.cer | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNote.gpd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGACCBOX.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PAGESIZE\PGMN075.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-charts.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Seoul | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libps_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bn.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKUPD.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Lisbon | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Origin.thmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15057_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\macroprogress.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCAL.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ps.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\MeasureSkip.easmx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\sd\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\MSOSEC.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosecolor.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\RTF_BOLD.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\javafx-mx.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\STUDIO.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382967.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Hardcover.eftx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSAIN.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\ONENOTE_COL.HXC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\TASKDEC.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21481_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21520_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00923_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02465_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Resolute | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\ResizeTest.mp2v | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\bin\java-rmi.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\DW\DBGHELP.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBWZINT.REST.IDX_DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kathmandu | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.el_2.2.0.v201303151357.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01744_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0157995.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\REFEDIT.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\Toronto | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ne\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\AcroRead.msi | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Groove.en-us\GrooveMUI.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\CONTACT.CFG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\PAPYRUS\PAPYRUS.INF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00274_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\gimap.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jre7\lib\amd64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\crashreporter.ini | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099192.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_kn.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-tw.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_SelectionSubpicture.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui_4.0.100.v20140401-0608.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Fakaofo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\SNET.NET.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\UrbanLetter.Dotx | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Interface.zip | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\servertool.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-execution.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosefont.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\JFONT.DAT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\MENU98.POC | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yellowknife | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\w2k_lsa_auth.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Pacific\Kosrae | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\System\msadc\msdfmap.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099167.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_OFF.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Angles.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\toc.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0313970.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02077_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImages256Colors.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\button.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Nauru | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00390_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\excelcnvpxy.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\MSOUC.HXS | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_ON.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.console_1.1.0.v20140131-1639.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD01167_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Discussion.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Microsoft.BusinessData.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCARD.DPV | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sw.pak | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerConstraints.exsd | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00837_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime.css | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\bin\hprof.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\IETAG.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0105710.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Newsprint.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadce.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImages.bmp | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\EST5EDT | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA00433_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-tools.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00578_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143758.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0332268.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3B.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14790_.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\INFINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libdca_plugin.dll | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.jpg | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0341742.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE05710_.WMF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Windows Mail\en-US\msoeres.dll.mui | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POSTCARD.XML | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cuiaba | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-tabcontrol.xml | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR35F.GIF | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB2A.BDR | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\PROOF\MSTH7EN.LEX | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Krasnoyarsk | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office14\1033\BHOINTL.DLL | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0382965.JPG | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\Document Parts\1033\14\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A90000000001}\SC_Reader.exe | C:\Windows\explorer.exe | N/A |
| File opened for modification | \??\c:\windows\installer\{ac76ba86-7ad7-1033-7b44-a90000000001}\sc_reader.exe | C:\Windows\explorer.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: RenamesItself
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\1243725229.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 364 wrote to memory of 1228 | N/A | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | C:\22912339014610\winsvcs.exe |
| PID 364 wrote to memory of 1228 | N/A | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | C:\22912339014610\winsvcs.exe |
| PID 364 wrote to memory of 1228 | N/A | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | C:\22912339014610\winsvcs.exe |
| PID 364 wrote to memory of 1228 | N/A | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | C:\22912339014610\winsvcs.exe |
| PID 1228 wrote to memory of 1680 | N/A | C:\22912339014610\winsvcs.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe |
| PID 1228 wrote to memory of 1680 | N/A | C:\22912339014610\winsvcs.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe |
| PID 1228 wrote to memory of 1680 | N/A | C:\22912339014610\winsvcs.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe |
| PID 1228 wrote to memory of 1680 | N/A | C:\22912339014610\winsvcs.exe | C:\Users\Admin\AppData\Local\Temp\1243725229.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\pcnew.exe
"C:\Users\Admin\AppData\Local\Temp\pcnew.exe"
C:\22912339014610\winsvcs.exe
C:\22912339014610\winsvcs.exe
C:\Users\Admin\AppData\Local\Temp\1243725229.exe
C:\Users\Admin\AppData\Local\Temp\1243725229.exe
C:\Windows\explorer.exe
explorer.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x1ac
C:\Windows\explorer.exe
explorer.exe
C:\Windows\explorer.exe
explorer.exe
Network
| Country | Destination | Domain | Proto |
| N/A | 8.8.8.8:53 | trik.ws | udp |
| N/A | 217.8.117.10:8080 | trik.ws | tcp |
| N/A | 217.8.117.10:8080 | trik.ws | tcp |
| N/A | 8.8.8.8:53 | 304049943.ws | udp |
| N/A | 64.70.19.203:8080 | 304049943.ws | tcp |
Files
\22912339014610\winsvcs.exe
| MD5 | 1f8cef7b1f327e19ec561d1b80583d2d |
| SHA1 | 96795527c65711c13aef7f2cda3b5a0ff5779137 |
| SHA256 | c6ee0c5549619ebf81f7878da18a6e29ff315be7d0fb3d9b79b84717405c87f6 |
| SHA512 | 2bdb59b8ca921b7def3547c622a4357398566c475ed1c77aad4fe91f1171ddee1b0d3524463ead12a10bba19fb5e23dcad3b00e948c8bde585d315906fd782e2 |
memory/1228-1-0x0000000000000000-mapping.dmp
C:\22912339014610\winsvcs.exe
| MD5 | 1f8cef7b1f327e19ec561d1b80583d2d |
| SHA1 | 96795527c65711c13aef7f2cda3b5a0ff5779137 |
| SHA256 | c6ee0c5549619ebf81f7878da18a6e29ff315be7d0fb3d9b79b84717405c87f6 |
| SHA512 | 2bdb59b8ca921b7def3547c622a4357398566c475ed1c77aad4fe91f1171ddee1b0d3524463ead12a10bba19fb5e23dcad3b00e948c8bde585d315906fd782e2 |
C:\22912339014610\winsvcs.exe
| MD5 | 1f8cef7b1f327e19ec561d1b80583d2d |
| SHA1 | 96795527c65711c13aef7f2cda3b5a0ff5779137 |
| SHA256 | c6ee0c5549619ebf81f7878da18a6e29ff315be7d0fb3d9b79b84717405c87f6 |
| SHA512 | 2bdb59b8ca921b7def3547c622a4357398566c475ed1c77aad4fe91f1171ddee1b0d3524463ead12a10bba19fb5e23dcad3b00e948c8bde585d315906fd782e2 |
memory/1312-4-0x000007FEF6EA0000-0x000007FEF711A000-memory.dmp
\Users\Admin\AppData\Local\Temp\1243725229.exe
| MD5 | 7d52884b375ce8b6182f1c53f0f1c496 |
| SHA1 | 6b70e90b0dada8d93c61caa678e76ce2abcbc76b |
| SHA256 | 9c48e8a5f83614f685249486a13a8a132660f37d11c5f55581414dbf02091021 |
| SHA512 | 24350255bda3672cce0ff22221e5973cd69f5b8470eb642e9679c3c006716271af8f32a2d4ee5309949c746eb9cb15bba411052fd4935a2a2b436501c7b4a515 |
C:\Users\Admin\AppData\Local\Temp\1243725229.exe
| MD5 | 7d52884b375ce8b6182f1c53f0f1c496 |
| SHA1 | 6b70e90b0dada8d93c61caa678e76ce2abcbc76b |
| SHA256 | 9c48e8a5f83614f685249486a13a8a132660f37d11c5f55581414dbf02091021 |
| SHA512 | 24350255bda3672cce0ff22221e5973cd69f5b8470eb642e9679c3c006716271af8f32a2d4ee5309949c746eb9cb15bba411052fd4935a2a2b436501c7b4a515 |
memory/1680-7-0x0000000000000000-mapping.dmp
\Users\Admin\AppData\Local\Temp\1243725229.exe
| MD5 | 7d52884b375ce8b6182f1c53f0f1c496 |
| SHA1 | 6b70e90b0dada8d93c61caa678e76ce2abcbc76b |
| SHA256 | 9c48e8a5f83614f685249486a13a8a132660f37d11c5f55581414dbf02091021 |
| SHA512 | 24350255bda3672cce0ff22221e5973cd69f5b8470eb642e9679c3c006716271af8f32a2d4ee5309949c746eb9cb15bba411052fd4935a2a2b436501c7b4a515 |
\22912339014610\winsvcs.exe
| MD5 | 1f8cef7b1f327e19ec561d1b80583d2d |
| SHA1 | 96795527c65711c13aef7f2cda3b5a0ff5779137 |
| SHA256 | c6ee0c5549619ebf81f7878da18a6e29ff315be7d0fb3d9b79b84717405c87f6 |
| SHA512 | 2bdb59b8ca921b7def3547c622a4357398566c475ed1c77aad4fe91f1171ddee1b0d3524463ead12a10bba19fb5e23dcad3b00e948c8bde585d315906fd782e2 |
\22912339014610\winsvcs.exe
| MD5 | 1f8cef7b1f327e19ec561d1b80583d2d |
| SHA1 | 96795527c65711c13aef7f2cda3b5a0ff5779137 |
| SHA256 | c6ee0c5549619ebf81f7878da18a6e29ff315be7d0fb3d9b79b84717405c87f6 |
| SHA512 | 2bdb59b8ca921b7def3547c622a4357398566c475ed1c77aad4fe91f1171ddee1b0d3524463ead12a10bba19fb5e23dcad3b00e948c8bde585d315906fd782e2 |
\??\M:\$RECYCLE.BIN\S-1-5-21-293278959-2699126792-324916226-1000\desktop.ini
| MD5 | a526b9e7c716b3489d8cc062fbce4005 |
| SHA1 | 2df502a944ff721241be20a9e449d2acd07e0312 |
| SHA256 | e1b9ce9b57957b1a0607a72a057d6b7a9b34ea60f3f8aa8f38a3af979bd23066 |
| SHA512 | d83d4c656c96c3d1809ad06ce78fa09a77781461c99109e4b81d1a186fc533a7e72d65a4cb7edf689eeccda8f687a13d3276f1111a1e72f7c3cd92a49bce0f88 |
C:\Users\Admin\AppData\Local\Temp\1243725229.exe
| MD5 | 7d52884b375ce8b6182f1c53f0f1c496 |
| SHA1 | 6b70e90b0dada8d93c61caa678e76ce2abcbc76b |
| SHA256 | 9c48e8a5f83614f685249486a13a8a132660f37d11c5f55581414dbf02091021 |
| SHA512 | 24350255bda3672cce0ff22221e5973cd69f5b8470eb642e9679c3c006716271af8f32a2d4ee5309949c746eb9cb15bba411052fd4935a2a2b436501c7b4a515 |
memory/1684-14-0x0000000003730000-0x0000000003731000-memory.dmp
memory/1684-15-0x0000000003730000-0x0000000003731000-memory.dmp
memory/1684-16-0x0000000003730000-0x0000000003731000-memory.dmp
C:\Users\Admin\Desktop\Read_Me.txt
| MD5 | 5b99a2aa6df6645a5f118fabd8fc163e |
| SHA1 | eb066e89ef9323a84327161f56b29ce2ff2cfccb |
| SHA256 | db4461baba2c10e24f4af8362e56ef43b03bb9f2e216c59fdc1f07ecabbd0760 |
| SHA512 | aa5edec040a68420ad2d7f488179a808a5489b264f248bf8b1d969595d4d2b5cda8ac6aa5eed0a1f6b0a32ab6212b00185a906aeda8e9d1f3f9acba3e176efcd |
C:\Users\Admin\Desktop\ApproveEnter.mpeg3.ReadMe
| MD5 | 843d674c8b6b7bc44fa3d41b9c5283a9 |
| SHA1 | 4e70b32000e470dc5e25dd6c5793ecad7a121a5c |
| SHA256 | 9a9eb9ced362014a69934b4b0a3bd9efde77123ffbcb5f4364b8da363b03210f |
| SHA512 | 68843ee61860554871b1a9318d97ec89b23c2ed353ad38c73cc396ec50f4150fdd8b0e7c031122bf8d17d75d9a424cf4a085728c6fb8168c97976611ed415e6c |
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk.ReadMe
| MD5 | b64541a20e043e09ae533f96c60c1887 |
| SHA1 | 3c37f981f0e74faba1675f7cdfbdf9a32ffa3bc6 |
| SHA256 | 451d76cb0fb5c764df48326b302b8f1c44b3c93617d7b02da01dae67267eea77 |
| SHA512 | 08a143cd7f691c0c513000dc27579a407a9bfa959342d765883f93263c2e91728e023fc4810497a651dc5f3456260f62d0993b0b728249106b173d46039cf4e7 |
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk.ReadMe
| MD5 | 1174b56792af725616da7b789a594e23 |
| SHA1 | 4b206abb4efff8d00d5d2342f6e4043dfa5fe878 |
| SHA256 | a5d096b650adff3bf7044b0173f339528ff1063750234310658043e93487e591 |
| SHA512 | b3fd9ba54c47f99a2849b04ca90c1b46469d9ceacd7a00375d410d04291cb696462c316ee521ddba80176519f29c473a890bef5e72f60748e29c715c5a37f34b |
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk.ReadMe
| MD5 | ce33b65e8df25ff615c89476e393817d |
| SHA1 | 41192b1b7714db3d30984f5272efaad5a26b4e3d |
| SHA256 | dfebb2cfe20f28d9d8a9a4387871dd7c91918a1be9990f980c8312b0a3d34e72 |
| SHA512 | 0269f9939c2a3122eb7ab6b4ee9e43abb4f88b4a86bc2abac7a338ee221ef3672389812060d83956eb443e9bba2be4de2755bfcd75c9ade30576d0012d39f5bc |
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk.ReadMe
| MD5 | 982cb5475fd7820bf933a7a2872deb10 |
| SHA1 | bd0229293257f1b3ae2738c78e725e4b7c46f74a |
| SHA256 | 7b3899740c54f86bab536e09c5a89b50170f8209288d09583a0059b1132913e4 |
| SHA512 | 31d62e8761c5eb40cdcf7517fe0b0726266860878dd60c1e3b3905cbe46f5e98e919d47d069d787ef600c33ce3568677409883ebc890099cebc2011a54dad319 |
C:\Users\Admin\Desktop\LimitApprove.TS.ReadMe
| MD5 | df7980af4fdf1541538b804b03a8ec21 |
| SHA1 | f926848f152f5d6838d4202b79404602a2187e3a |
| SHA256 | 69ef5c178edb7bb661a3cdfe6aa522dd7ea79226d49b9d847e824769cec48033 |
| SHA512 | 78b87c93dd6dfc3161f5e78e8db2db1403b871ea140b283b13033376c04ae259576044ca338d3c949039ceed126c1a44af72508ad24683c18c6779ed47ebc09b |
C:\Users\Admin\Desktop\EnterComplete.vssm.ReadMe
| MD5 | 9d21fa39a7b81a15a996fb9d89076981 |
| SHA1 | fb6de402993bcb452b714eb96e28c6566ee2d01e |
| SHA256 | 41513dd775c8142e56acb9bbdb01bd33d027ce0209b946b93ed01f02040f120c |
| SHA512 | 738c5206efb55e0954cc177ad0bd802b5c51e38816f3050c87c83d3b893aef16fbbd69d8254060793365cb4a313176012d1fae12c31de5720c9d1f0d4807bf94 |
C:\Users\Admin\Desktop\desktop.ini.ReadMe
| MD5 | f4ef8c2d40f7d0dcc12d5b2904d57f86 |
| SHA1 | b8a64ef322661b5cdfc9ea539ad9508cc03eece5 |
| SHA256 | a7b843be2bcfaa78c3caf7f9a81b73cdeb40a690787b0766249cee7e6503ab77 |
| SHA512 | 0d6830346991a23a6ccc7be2b7ec7db4313d2d1cb333f51cf49de7c016ff3d3d054c959bed7a442f89b477b3ca51070ccf480cb0f1c1b4e1e85f1c4a0fd98544 |
C:\Users\Admin\Desktop\CheckpointStop.temp.ReadMe
| MD5 | b9ae921d2eab297bfff7544e7e87411b |
| SHA1 | e4db292462bda23a7a2d4bed4eb2164b0772e8b0 |
| SHA256 | 4122967024e888c13b049bf5d1776662f13471239123810c9089ac830fb37032 |
| SHA512 | 90c605d6a32362deda322291c0ac2f30263b7e17559fcbe306008bd8dd8d7f4ba51262f2311d9037a8f9d7ca146539bd146eb034c50791e44cf8cae336e3c4a1 |
C:\Users\Admin\Desktop\GroupExpand.ico
| MD5 | ab1382902c8316f47be07b3a8a306f84 |
| SHA1 | a792992dbb346580b66ff8bef427db68217b0a73 |
| SHA256 | 7f81972eea1ec5e99200efa6bc7687540d96500dab268064411fa7fd235d7113 |
| SHA512 | ec80bf85efb768b3c48b5360c4b95ae1775d57404407148fce81b75dc91c871ea94564d7d5f6fccb0c1fddf1b99433ab467a677f57cf80fc3f46b325e5d80f56 |
C:\Users\Admin\Desktop\SkipLock.exe.ReadMe
| MD5 | 9bc3afe9e94ce94d1c4ee2f8b437f9f7 |
| SHA1 | 11e3dca105b1cb082ef8f8b1c2e61f4de3bc2e2a |
| SHA256 | c81995ad1ea78fd53fec7a624aee167df3cd4f6c59278ff73f366d032d0d0142 |
| SHA512 | 41a1583b34586eaaacf24dfcdf1a2da7d6873acee34d1a4e4237be03e19b08ca35dfb159e62138c4e462b375b366aac2554a7f94f49ea4f46f3d05a23033688f |
C:\Users\Admin\Desktop\SendRepair.ini.ReadMe
| MD5 | 196d7f2eff241262e055b58ce7a2f45b |
| SHA1 | 41209b7c9f97a27075f8c5fce60b563367ff2fce |
| SHA256 | 2ebcadc442ae7ced7f508109db5d10e6ed8a935c991b0f112952caba5b1c41f5 |
| SHA512 | 97d85a5cc3a158b344ac04788c4a8bbedf9ff1f0ff776e7b64be64f33f0ca803875c8dc88754254dea70a7d88aba02ec5094102273c89d054132ade24f988c62 |
C:\Users\Admin\Desktop\RevokePush.jpeg.ReadMe
| MD5 | ed5e31b679d545f66a0d1403383db895 |
| SHA1 | 1a29243fa884aa72a3f4653492796b8d3586363a |
| SHA256 | bf528781f42c9dac7d28e6e7a25797f69d18194173b5a85f8b76933866fe4e5b |
| SHA512 | f4bc95b38197df5ba715235e9300a6602e6821ad0326b53f7add145b2c978d5a090eeae92ac6feff4c042cb732f09976be10d155bb978100dea908466b87ec25 |
C:\Users\Admin\Desktop\RestartCompare.3gpp.ReadMe
| MD5 | f8d0da99dad3cbbd6ab6d5f79b6927c5 |
| SHA1 | 1429aeeff24b01e30f36a828fefba9734b8c1746 |
| SHA256 | a8c5c3ca49558ecefec63af1c85227760b29e53c720c16615c6e2ddc61531597 |
| SHA512 | e8b30457996aba5e9a984334fb1773fb2a948a48806027409dbaa8c24286eba0d6fcb7a167b94d1179309581c26fc2955df5748c29972f94280d6ce2de7158cf |
C:\Users\Admin\Desktop\ResolveUnregister.DVR-MS.ReadMe
| MD5 | 2123444ea60679ab4e26ecae984de01a |
| SHA1 | db0eee5123c5173eff67d0c736e253d983b25e9e |
| SHA256 | 7328012352f792ac2f81c591f65ea031b9fddb876156533d7c8cc880364f0faa |
| SHA512 | 620f7e3e23149ec7b16b8e53cf67bb44759bef3b4534dbe9d13601e897923fe2ff82be4d1ccd7eb141cb569e8433fb69e18451035e9d0e1e9f690e1bb9ae0a81 |
C:\Users\Admin\Desktop\MeasureSend.css.ReadMe
| MD5 | 6e6e5d0305237343e04b618bd0bb7964 |
| SHA1 | 3dd991a7f511f41cee36187251f2779656cc353f |
| SHA256 | 7f42ea8412eab147e388ee88326da5f1868885f6be159e0c393ad4d3377a35f7 |
| SHA512 | 3c584223b5ad3e381a6ff1661d0ed70358f8ebfcb814aec39d1011cc61a6e1bc719c972019dc47a00f85b52ce27d969b82f5c6714f2b988bd3564eeb54ea4115 |
C:\Users\Admin\Desktop\LimitWait.jfif.ReadMe
| MD5 | ae501970a028cc5ff0cebd2bb7ca5531 |
| SHA1 | c0bb38a4f306f131351d07cead93070622ebaeab |
| SHA256 | e63cc8dd1cf5ae112cda5eb33fcd1b4a9574ed21137a1e1916b8ca45d98dccfa |
| SHA512 | 9714ea1e33c97ad5beff4f10020521e8291adba7b0655f03d6c3d218c7c5fa47c487a7d3e321792fe7e3217312f1e71f8cc00d6ece3ae52d74771c93fc815933 |
C:\Users\Admin\Desktop\ProtectDisable.dotm.ReadMe
| MD5 | 299c9623e4e58f766478f1b0baf110f0 |
| SHA1 | 26af7bf905cb787cd460b19d4e46d3022cc54059 |
| SHA256 | 1f1c39d2811eff63bd27e11e045bdfd9f94495f6b0cd56dccd8322b6b1cd326d |
| SHA512 | 792d8c601f146b7c5dfc263882bb3f41db2d07bec5c98f49b9200ef94d751cc01fd972f9bb3e1c19b6a1319df922129811b04e0de71c41e352bffcd09de0d689 |
C:\Users\Admin\Desktop\ProtectPush.temp.ReadMe
| MD5 | 90158ded4d5a58b9f35d0c2669afee03 |
| SHA1 | a47025a7e33e93129698137b6a12d820485a92d5 |
| SHA256 | ce7d2d100fbf5b3fdf74d4a8f0b4fefb097e56a86b55250383b70ff30a1c09f5 |
| SHA512 | 138cd89d11766f7124bff3bd079ed34f75a00568b591f0d14675c5439ab2dbba338390ffed616cc92eae36804f1b948238272153af19179615442c48840f2801 |
C:\Users\Admin\Desktop\ReceiveLimit.wma.ReadMe
| MD5 | eb3a09cd127f3e79537247512722f0e3 |
| SHA1 | bf4cdec5548ef80d81ea17083ec5ad0a81bc89f1 |
| SHA256 | 3ba9a0f3834369ff50c7f4ab6d63bfc3796b424006a188609c3c7dbb0da3ee91 |
| SHA512 | c01bc46a979ae4cdc6cdd8d486969b0a4db8e221b6983b823c80d4539d3af15ede2b1d93e8554cd2fb64c309608c396a614cdf6e94ed6ecf7e1e9c302134686e |
C:\Users\Admin\Desktop\RemoveOpen.DVR.ReadMe
| MD5 | 4d62f7facded344776f980ea44b49f4d |
| SHA1 | 271861c893bcff41fabf2e600e323f394410b0ac |
| SHA256 | 84bb5de342db149ee2b75857834a6123e0fd40b7b603bfd8fe6650bc45352917 |
| SHA512 | 48fd41b6aa4d376fd8cea64bdb196e96e0b6e3dc98ae577ff28c70b83ed005435b6ca2c21c8684454e89745700d596f58c2b801fa5de6818b8f264a21498137f |
C:\Users\Admin\Desktop\DismountLimit.kix.ReadMe
| MD5 | 12f9280c20fc7e032bbe2e262ea5ef0b |
| SHA1 | bd91636aa00ce188e7015a903a5e893bc1e31d92 |
| SHA256 | ba100da3b37b4055025e48d579290c8edbc91f4c4bad0c9cfb091f7278d5ba89 |
| SHA512 | d3909d34b19eee0a38e59cb7ffaa271db6245764b42736e0567f86f1e1a0b4e2c43021acc67d4d95b46d37c30b25d4170384076efe3d1173d34bdb265214651d |
C:\Users\Admin\Desktop\ExitConfirm.mpeg2.ReadMe
| MD5 | 64398d420abf346f6c8452d64259977b |
| SHA1 | f4fdede8c23f7d6da1229fc1d8406aaf1af387cf |
| SHA256 | f9f4d05ea80a2c8379732a3c63345009d6f5d1e90b0a91750b0091dbe3334f35 |
| SHA512 | f40061cf0ea5f9cac960a2152c4f92363ee3d7b6364b4255ed3791a796e7c953ec17e7a3811ecc56cb91f9326f06eafbcffa7b486bbc958ec9012c7d2dd58f3f |
C:\Users\Admin\Desktop\ConvertFromRedo.potx.ReadMe
| MD5 | 4d4a145e5e6cdb8376005215d2f81f35 |
| SHA1 | 55f10365f1fada60bcc489a926b8c9e765eb3537 |
| SHA256 | f300027e7ad046e2e10e6555c60c08d5c908baa0b60a53869eddcc99c5f61a7c |
| SHA512 | c00c185595b310c18a3c9819c0ac90eca008b07bab74f8b6c628431d3140bfb1a570418a18430c8b181b9a0945a9d875442cae50f083a4342eae268f59e4e3e1 |
C:\Users\Public\Desktop\Adobe Reader 9.lnk.ReadMe
| MD5 | 2347b0052b33a209942e50f75ee4d87e |
| SHA1 | b0de7961f71e2b2768c7b9a4a144db2b0f750316 |
| SHA256 | 19b986b0233dc802e6b42ca357e44eda19e96ae416886df05cb1794fafefb0d4 |
| SHA512 | 4f14c30e61ff63d95d6fe98f408cb5413330eef2f0637d8cc91683a6f569174bc8d691187ac4cd9d9fb9c9d97f4cfc663256035ca5daed54ea27d734b517b7dc |
C:\Users\Public\Desktop\desktop.ini.ReadMe
| MD5 | 1de1e161c11aad610d1366ba6d623184 |
| SHA1 | 315d3336f3d7d12d312cce208788d5648faf649d |
| SHA256 | eb24f34611549ade676e31e9b25a5d8bd80a69c54ef3a7fa9939d568ff6292c4 |
| SHA512 | 22917b8cdc69314d86f6f687a3f6424c093bbe7a3ea2f7b87f634d9e6ff6a733778d8f728fe6446293c0ce9a2d37ce9d878c9d6be70a72a61a232b193c513674 |
C:\Users\Public\Desktop\Firefox.lnk.ReadMe
| MD5 | 3e530afe435b96b421872c8070d1e68e |
| SHA1 | 623c90cf5eb34f0041170286f472956416184e55 |
| SHA256 | 5fb3277c2c7a402a92bfda125a8dbc9590ec714770fd166a84033ddb591cacfa |
| SHA512 | beb74778b1e2d6efe45095164037bb300a0574ff22cc0a7b10f03f143ed817d5a86f9709e9d1bb899838bdade51c65c1fbe6413441cc4b89f8264b807c4c75ef |
C:\Users\Public\Desktop\Google Chrome.lnk.ReadMe
| MD5 | 981e49d25715539e2c9ea766c9ddbf7c |
| SHA1 | de67b624a14e4aa344bcb6611542eec07e32ef60 |
| SHA256 | bf44f8bf0d5239728f597da61da80a9f1eee09b65fde5e15972479bf7fa464ed |
| SHA512 | 5a8055a984466719609891b81efaa66ab49165e63c56f1d937b4c06893cd9c7a33ad95615f6c01309e7590730e6b95dba4033512bbcdd029c6b11a51f4e8a169 |
C:\Users\Public\Desktop\Read_Me.txt
| MD5 | 5b99a2aa6df6645a5f118fabd8fc163e |
| SHA1 | eb066e89ef9323a84327161f56b29ce2ff2cfccb |
| SHA256 | db4461baba2c10e24f4af8362e56ef43b03bb9f2e216c59fdc1f07ecabbd0760 |
| SHA512 | aa5edec040a68420ad2d7f488179a808a5489b264f248bf8b1d969595d4d2b5cda8ac6aa5eed0a1f6b0a32ab6212b00185a906aeda8e9d1f3f9acba3e176efcd |
C:\Users\Public\Desktop\VLC media player.lnk.ReadMe
| MD5 | c5fe20c5180e204b396f840dc0c2d6a7 |
| SHA1 | 13aca24f36bd36d76238a661d0f98438ed8e5026 |
| SHA256 | 96a508dec1b58a40f135a591ac7492a196ed243ae58d5a3c3a9296f4f2ee1426 |
| SHA512 | a476e7da0d857a2198b6643ff90b6c838b5f9f61af6266b6bfeb5d966117560828ff5b4e64ea9dda247abf858c692ec0c552ac731f7b8a59b2aa6c95ceec677f |
C:\Users\Admin\Desktop\ApproveRepair.vssx.ReadMe
| MD5 | 04af4639eb4da75a4bbde5c4acc32ca0 |
| SHA1 | 05372a636102dd53f91ece32b8002834789f8e44 |
| SHA256 | cb4def9a66c079edc6a692e483bf5ca371d65c61ac78aa56be279e94cd6df739 |
| SHA512 | 855709b55a996f642c75b03e75be1d1f49f66883d0c47e5eeeb1a083061d5e99a69e51a10911aa5f45d4889cce811e7a9faf807969ce6a6760590f36b9bce603 |
C:\Users\Admin\AppData\Local\Temp\WPDNSE\Read_Me.txt
| MD5 | 5b99a2aa6df6645a5f118fabd8fc163e |
| SHA1 | eb066e89ef9323a84327161f56b29ce2ff2cfccb |
| SHA256 | db4461baba2c10e24f4af8362e56ef43b03bb9f2e216c59fdc1f07ecabbd0760 |
| SHA512 | aa5edec040a68420ad2d7f488179a808a5489b264f248bf8b1d969595d4d2b5cda8ac6aa5eed0a1f6b0a32ab6212b00185a906aeda8e9d1f3f9acba3e176efcd |
memory/1684-50-0x0000000003DF0000-0x0000000003DF1000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2020-11-05 20:58
Reported
2020-11-05 22:28
Platform
win10v20201028
Max time kernel
65s
Max time network
115s
Command Line
Signatures
Phorphiex Worm
Windows security bypass
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\115802396715453\winsvcs.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
Modifies Installed Components in the registry
Windows security modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center\FirewallDisableNotify = "1" | C:\115802396715453\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center\AntiVirusOverride = "1" | C:\115802396715453\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center\AntiVirusDisableNotify = "1" | C:\115802396715453\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center\FirewallOverride = "1" | C:\115802396715453\winsvcs.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\115802396715453\\winsvcs.exe" | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\115802396715453\\winsvcs.exe" | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | N/A |
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\DESKTOP.INI | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Desktop.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\desktop.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
Enumerates connected drives
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-util-lookup.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.bmp | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInRefocus.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\nl-NL\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\time-span-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages_fr.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\1033\NATIVESHIM.RESOURCES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\uninstall\helper.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEDAO.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_BadgeLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\javafx_font_t2k.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Wave.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\GADUGI.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsMedTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Images\fre_background.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages_ko.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-locale-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\wabmig.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\Smooth.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-spi-quicksearch.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000049\manifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application-views.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations_2.4.0.v20131119-0908.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-javahelp.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.shared.Office.x-none.msi.16.x-none.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmpnssci.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextService.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\LoadIcon_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\hwrusalm.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jfxwebkit.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\176.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.Excel.Amo.Core.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\liblibmpeg2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentVNextR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Trial2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\Microsoft.Office.Tools.Excel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-stdio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\EntityPickerIntl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLENDS\BLENDS.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\ProjectionSpheric.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\management.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft.NET\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\sqmapi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-print.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-util-enumerations.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Grid.Grouping.Windows.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSHY7EN.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PROFILE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libclone_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\AmMonitoringInstall.mof | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\SpreadsheetIQ.ExcelAddin.Resources.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-awt.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusE5R_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-util_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\msvcp120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp2-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\powerview.x-none.msi.16.x-none.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jstat.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\medwood.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\_Resources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\libEGL.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\speaker-32.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-nodes.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\proofing.msi.16.en-us.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\193.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Resources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019DemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\IEEE2006OfficeOnline.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\SmartTagInstall.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square71x71Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Resources\TopicPage\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-96_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\1033\EEINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\gmp-clearkey\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\removed-files | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\PROOF\MSLID.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ECLIPSE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RIPPLE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\DMR_48.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\MS.GRAPH.16.1033.hxn | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\IEAWSDC.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Heartbeat\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\dcfmui.msi.16.en-us.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.ShowHelp.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PROTTPLN.DOC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\manifest.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\1033\SFMESSAGES.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.sr-latn-rs.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\gu.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\cs.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\OriginReport.Dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\msvcr120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\ea.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SPRING\SPRING.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Excel.AnalysisServices.AdomdClientUI.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019MSDNR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\Microsoft.ReportingServices.AdHoc.Excel.Client.Entry.Interfaces.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\AFTRNOON\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jmc.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp4-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\basicsimple.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\microsoft.system.package.metadata\Autogen\JSByteCodeCache_32 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-core-xstate-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp4-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\vccorlib110.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubSplashScreen.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Controls\EndOfLife\Assets\farewell.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Mso20win32client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessDemoR_BypassTrial365-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\hi\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\TextIntelligence.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\SplashScreen.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.pl-pl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\org.eclipse.rcp_root_4.4.0.v20141007-2301 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOADFPS.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-30_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\deployed\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusEDUR_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\System.Runtime.InteropServices.RuntimeInformation.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\nbexec64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Integration\Addons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalPipcR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\VBA\VBA7.1\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.text_3.9.1.v20140827-1810.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-modules.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jabswitch.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_LogoSmall.targetsize-256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\IACOM2.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_copy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\STRTEDGE\STRTEDGE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\mfcm140u.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProO365R_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kk.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Web Server Extensions\16\BIN\FPWEC.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square44x44Logo.targetsize-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-sendopts.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.lt-lt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadco.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\6.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\prism_sw.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceArray.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_ConsumerSub_Bypass30-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN058.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\Emboss.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fy.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-process-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\boxed-join.avi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\th-TH\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\title.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-openide-util-enumerations.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\pkeyconfig-office.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderAppList.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\et.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskpred.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\195.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\27.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\Logo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART14.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\PROOF\MSWDS_FR.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ms.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\DMR_120.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fonts\LucidaSansRegular.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.PowerView.PowerView.x-none.msi.16.x-none.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN107.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AirSpace.Etw.man | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-convert-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-settings.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\SplashScreen.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\ProjectionSpheric.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Cultures\OFFICE.ODF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\precomplete | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msoia.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-private-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART13.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Cultures\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\msvcr110.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\deploy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\MSJH.TTC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\plus_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-20.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipshi.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_100_percent.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OFFSYMB.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL016.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-40.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\dt.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-windows.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp3-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderSplashScreen.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\0.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\DESIGNER\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\hr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Wave_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Advertising\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jpeg.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Century Gothic.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\word.x-none.msi.16.x-none.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOICONS.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgaussianblur_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\eventlog_provider.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-javahelp.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial1-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\JOURNAL\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\bg.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-text_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\LargeLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\about.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sampler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOHEVI.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-white\AppPackageBadgeLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_neutral_~_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Visualizations\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\clone.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\PlaneCutMove.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Smiley face.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-charts.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\SIST02.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\contrast-black\DashboardDefaultThumbnail.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\mip.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\javafx-mx.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentVNextR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\MSInfo\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\jfxswt.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_f7\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\MapsWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessPipcR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ExcelNaiveBayesCommandRanker.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_TileLargeSquare.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\eu.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\192.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\Emboss.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\VSTO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN102.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-core-file-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_udp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square44x44Logo.targetsize-24.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-30_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-modules-appui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.contrast-black_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\office.x-none.msi.16.x-none.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\mux\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-private-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019XC2RVL_MAKC2R-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\MSUIGHUR.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\AppxMetadata\CodeIntegrity.cat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-96_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\License.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockWideTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProXC2RVL_MAKC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\osmia32.msi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinEditors.v11.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Resources\TopicPage\PartnerJS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\FileIcons\FileLogoExtensions.targetsize-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsel.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\NIRMALAB.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libposterize_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Icon.targetsize-32.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription4-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\psfont.properties.ja | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PersonaSpy\personaspybridge.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\index.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\javafx_font.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderWideTile.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOIDRES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\LAYERS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\SETLANG_COL.HXC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\MySite.ico | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\meta\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProXC2RVL_MAKC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.ReportingServices.Diagnostics.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jp2iexp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\LanguageModel\chstic.dgml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javap.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\el.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\java.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\SmallLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_TileMediumSquare.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Peacock.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\adcjavas.inc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\traintrackrightturn.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-72_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jp2launcher.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-loaders.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\SystemX86\mfc140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Excel.ReportingServices.DataExtensions.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\GOTHIC.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PIXEL\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-j2se-1.0.2.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-20_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.office32mui.msi.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessRuntime2019R_PrepidBypass-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\settle.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ext.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\updater.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fonts\LucidaBrightItalic.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\LTSHYPH_ES.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\Triedit\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\rt.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-string-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\Microsoft.Office.Tools.Common.v4.0.Utilities.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\osmmui.msi.16.en-us.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\Simplify.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs-nio2.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Century Gothic-Palatino Linotype.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.contrast-black_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL087.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.DBConnection64.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.sfx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-core-file-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\WidescreenPresentation.potx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\si\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libd3d11va_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSplashScreen.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\resource.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\th\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\OcHelperResource.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\default-browser-agent.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\gui\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Icon_Printer Settings.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\AppvIsvSubsystems64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedSplash.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\hive.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\management\jmxremote.access | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEXBE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\osmux.x-none.msi.16.x-none.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\CenterView.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\eu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Redshift\lib\OpenSSL64.DllA\ssleay32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\net.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jhat.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial5-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\xmlrwbin_xl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Density_Selected_Hard.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2R32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_delay_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\offsymsl.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\msipc.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\papyrus.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-256_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\linkedin_logo_small.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadds.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019XC2RVL_KMS_ClientC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libchain_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL001.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BREEZE\BREEZE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Controls\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\awt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSmallTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\msix.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\configuration\config.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Tools.Windows.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\NewComment.White.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages_zh_CN.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RMNSQUE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libty_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_read_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\larrow.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\FLTLDR.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\concrt140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmpshare.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\Movie-TVStoreLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ro-ro.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jmc.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages_it.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_x64__8wekyb3d8bbwe\Assets\Viewer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fr-FR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\uk-UA\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\security\trusted.libraries | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\MusicStoreLogo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Wordcnvpxy.cnv | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\linesstylish.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\Smooth.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\POWERPNT_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedLargeTile.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyclient.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\zipfs.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\LibCurl64.DllA\OpenSSL64.DllA\openssl64.dlla.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\AUTHORS.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\SplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsdan.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalPipcR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Photo Viewer\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MANIFEST.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\MapsMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\Accessible.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsSplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages_sv.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail2-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Data.Recommendation.Client.Picasso.Sampler.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\NewScene.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ne.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\tipskins.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\office32mui.msi.16.en-us.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_description_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Library\Analysis\ANALYS32.XLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Retail2-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.contrast-white_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sq\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\bulldozer.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Icon.targetsize-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Source Engine\OSE.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\LASER.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows NT\TableTextService\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Trial2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\sysinfo.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages_pt_BR.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\SLINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\WPGIMP32.FLT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\75.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_KMS_Automation-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN090.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ECHO\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\SystemX86\msvcp140_1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sl.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Client.AddinTelemetry.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Red Violet.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp5-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ExcelCombinedFloatieModel.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\VBA\VBA7.1\1033\VBE7INTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\kn.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.servlet.jsp_2.2.0.v201112011158.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppPackageWideTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\sl-SI\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\PlaneCutMove.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Client.Excel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msoianetutil.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-16_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jvisualvm.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jawt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\officemuiset.msi.16.en-us.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\ACEODBCI.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\POWERMAPCLASSIFICATION.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL048.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\equalizer_window.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp4-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-explorer.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\settle.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\oak.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\prism_common.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\MS.EXCEL.16.1033.hxn | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\184.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.security_1.2.0.v20130424-1801.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-remote.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProO365R_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OMML2MML.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\CENTURY.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\drive.crx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\BooleanMerge.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmplayer.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jarsigner.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial4-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\ENFR\MSB1ENFR.ITS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Smiley face_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProCO365R_SubTest-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientLangPack2019_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\GRINTL32.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fonts\LucidaBrightDemiBold.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\tr.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\THIRDPARTYLICENSEREADME.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\cmm\LINEAR_RGB.pf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART12.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\NAMECONTROLPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosWideTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Internet Explorer\SIGNUP\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Stars.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubLargeTile.scale-125_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\amd64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\TPN.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpOAV.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\9px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\db2v0801.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\msvcp120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ta.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PAPYRUS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Portal\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\kn\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OART.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest4-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\js\common.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.dll.sig | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-api-visual.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\SymSrv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\iheart-radio.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\csi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hi.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages_zh_HK.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt_0.12.1.v20140903-1023.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-256_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACECORE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\traincarcaboose.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages_de.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\smtp.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\sqmapi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libx26410b_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\dnsns.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusMSDNR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\ProtectMeasure.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmpnscfg.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\MapsAppList.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-64_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CAPSULES\CAPSULES.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\91.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSZIP.DIC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\msql.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\ARIALN.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-core-timezone-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsLargeTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\dt_socket.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\Microsoft.ReportingServices.ProgressiveProcessing.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\sql2000.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpCommu.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\STARTUP\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\28.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogo.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\Informix.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RADIAL\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libmmdevice_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square44x44Logo.targetsize-24_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Icon_Advanced Layout.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\188.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientARMRefer_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\wordmui.msi.16.en-us.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusEDUR_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\MS.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-math-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\15.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\jhall-2.0_05.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\JavaAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\DEEPBLUE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_LogoSmall.targetsize-16_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\FileIcons\FileLogoExtensions.targetsize-32.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker_1.1.200.v20131119-0908.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-sampler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-16_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_PrepidBypass-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\DBGCORE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\EssentialLetter.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PAPYRUS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\AppList.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BIPLAT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\ResetCoord.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.security.win32.x86_64_1.0.100.v20130327-1442.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sampler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdO365R_SubTest-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TEXTCONV\MSCONV97.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraLargeTile.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_sphere.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-core-execution.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.resources_3.9.1.v20140825-1431.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.http_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\lv.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\SoftBlue.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-core-xstate-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SUMIPNTG\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Security\BrowserCore\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubBadgeLogo.scale-125_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-environment-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\DatabaseCompare_col.hxt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\MsMpResL.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sr-spl.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.2.24002.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages_pt_BR.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ospintl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\FBIBLIO.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\java-rmi.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.ui_4.0.100.v20140401-0608.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\concrt140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ja\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-uihandler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OFFSYMSL.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kab.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\IEShims.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\Microsoft.ReportingServices.AdHoc.Excel.Client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Cyrl-RS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromecast_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraMedTile.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\dropins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\vcruntime140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Mso20win32client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\24.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\hr-HR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ms.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\java.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\VBA7.1\1033\FM20.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_228ef1_256x240.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp4-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Redshift\lib\amazonredshiftodbc_sb64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019XC2RVL_KMS_ClientC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.contrast-black_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosAppList.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-options-api.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Green Bubbles.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\NisWfp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\StoreWideTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Trial2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\WINWORD_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.Excel.SPClient.Interfaces.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Mso30win32client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\whmarble.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\as80.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraLargeTile.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\surfaceHub\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\management\snmp.acl.template | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\DEEPBLUE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Client.Excel.EditorRibbon.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jabswitch.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Trial2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.excelmui.msi.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OUTLFLTR.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.bg-bg.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-core-processthreads-l1-1-1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientSub2019_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CANYON\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial5-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msgr8es.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\OSFINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_rtp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-processthreads-l1-1-1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Templates\1033\GettingStarted16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\2px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\DW20.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libcompressor_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\SplashScreen.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\intf\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\plugins.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\ExportEdit.docm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\FrequentOfficeUpdateSchedule.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\localedata.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLUECALM\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\SystemX86\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libkaraoke_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\visualization\libprojectm_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\AMMonitoringProvider.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\Autogen\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-ui.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-uihandler.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Contrast\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-attach.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardMSDNR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\access_output\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\concrt140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Security\BrowserCore\manifest.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\SmallLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square150x150Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\IPSEventLogMsg.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CAPSULES\CAPSULES.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\Scale.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\windmill.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\HWRCustomization\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Latn-RS\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_cone.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\63.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\core\locale\core_visualvm.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\cpprestsdk.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\SetupMetrics\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\PlatformCapabilities\CommonCapabilities.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libinteger_mixer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\THANKS.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-common.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Grid.Base.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\setup.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.DataIntegration.TransformDataByExample.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\SkypeSrv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\OWSHLP10.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OWSSUPP.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\LargeLogo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\locale\updater_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-timezone-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderMedTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\Logo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\SelectAll.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\RELEASE-NOTES.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_olv.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\dcf.x-none.msi.16.x-none.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\SplashScreen.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\SetupMetrics\20201028183016.pma | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-api.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\ESEN\WT61ES.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-core-timezone-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\CenterView.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\vccorlib140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp5-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSO40UIRES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\13.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\9.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPOlive.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mr.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Yellow.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerEvaluators.exsd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\vcruntime140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchWideTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVFileSystemMetadata.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jabswitch.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardMSDNR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\bltissue.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\hijrah-config-umalqura.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office 15\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sql70.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square44x44Logo.targetsize-256_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditMoment.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageSmallTile.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Stars.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\libsubsdelay_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\lpklegal.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square44x44Logo.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\sawindbg.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-openide-compat.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\pidgenx.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\servertool.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ru\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.contrast-white_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_x64__8wekyb3d8bbwe\TEE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\jfr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProO365R_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\vlm.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows NT\Accessories\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mscss7fr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\dbghelp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp5-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.contrast-white_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\31.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp6-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpProvider.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository_2.3.0.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Microsoft.AnalysisServices.AzureClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\prism_d3d.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\excelmui.msi.16.en-us.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\StoreMedTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\160.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-48_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\ij | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuvp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfreeze_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square44x44Logo.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\Back-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\uninstall.log | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\Emboss.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\W6.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.SqlDatabase.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7Handle.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\jfluid-server.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.scale-100_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdO365R_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProMSDNR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\msotdintl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.scale-100_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\images\bing.ico | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-api.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\27.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\sql2000.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL093.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\Assets\AppTiles\StoreLogo.scale-150.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-core-file-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.Tile.winmd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\TelemetryLog.xltx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Filters\offfiltx.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\VBA7.1\1033\VBOB6.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\Logo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\15.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Retrospect.thmx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\OriginResume.Dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\hprof.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Garamond-TrebuchetMs.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalPipcDemoR_BypassTrial365-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\HeroHelp\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423496926556.profile.gz | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-print.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-white\AppPackageStoreLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pt-PT.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\175.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_hu.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Donut_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Icon.targetsize-256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Send2.16.White.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosWideTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\BOOKOSB.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_ja_JP.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\images\cursors\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-explorer.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.exe.config | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SpreadsheetIQ.Diagram.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_pitch_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\meta-index | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubSplashScreen.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription5-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPTSFrame.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.EventSource.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msoasb.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_ConsumerSub_Bypass30-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\VBAJET32.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpRtp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\vccorlib140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\PowerPivotExcelClientAddIn.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\157.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zFM.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\th-TH\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\ServiceWatcherSchedule.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\liblogo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libdeinterlace_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_globalstyle.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000011\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosMedTile.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\AppList.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\extcheck.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OMICAUT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\security\local_policy.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-private-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\DirectDB.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\extensions\VLSub.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-32_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadomd.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ga\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libimem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Contrast\Contrast-black\BuilderLogo.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTest-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.sat4j.core_2.3.5.v201308161310.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp6-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Resources\1033\msolui.rll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSORES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\jconsole.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\EXP_PDF.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\meta\art\02_frenchtv.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmagnify_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\BooleanSubtract.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-96_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.contrast-white_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN010.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\cardview-addtotable-dark.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ja\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\169.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL106.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\ProjectionPlanar.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\surfaceHub\en-GB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-16_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\pack200.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\PlaneCutKeepBoth.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\hwrlatinlm.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\bin\dtplugin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libdrawable_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\index.win32.bundle | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msgr3jp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\NisLog.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\34.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\CERTINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square71x71Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\NewScene.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Shared.Base.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsStoreLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pa\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_dummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\VideoLAN Website.url | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\28.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppPackageSplashScreen.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\FlickLearningWizard.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\NAME.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-conio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.felix.gogo.command_0.10.0.v201209301215.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\msotelemetryintl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\concrt140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\ProtectionManagement_Uninstall.mof | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\HeroHelp\Scenario3.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\mc.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rightnav.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\JAWTAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libuleaddvaudio_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\mshwgst.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\core\locale\core_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\MSTAG.TLB | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\osmux.x-none.msi.16.x-none.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\lv-LV\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\CameraIcon_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\or\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdXC2RVL_KMS_ClientC2R-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\EventSource.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusMSDNR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mfc140u.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AppvIsvSubsystems64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffffff_256x240.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\W3.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.vi-vn.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Garden.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-environment-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\ssv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\fr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt_3.103.1.v20140903-1938.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Office.Interop.Outlook.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.ClientConfiguration.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-48_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\CompressClose.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\NetworkServerControl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription5-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL107.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\EQUATION\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\MapsMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\CHART.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL065.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\StoreSmallTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Interop.MSDASC.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\eu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\WideLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\orbd.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages_fr.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\+Connect to New Data Source.odc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square310x310Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Shell\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Shell\Themes\Glyphs\Font\MSNMDL2.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\include\win32\bridge\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ar\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MEDIA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\EmbossContour.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-progress-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_O17EnterpriseVL_Bypass30-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-utility-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Ratings\Yelp7.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\es-ES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\da.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\Microsoft.DataStreamer.Excel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SLATE\SLATE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubWideTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalDemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\EXPTOOWS.XLA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\sv-SE\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\jaccess.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\lt\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\2.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.contrast-white_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\winamp2.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Sun.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jsdt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\THIRDPARTYLICENSEREADME.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\oregres.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\nashorn.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\deployJava1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoCanary.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Century Schoolbook.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_hexagon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\DUBAI-REGULAR.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\System.Spatial.NetFX35.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\_Resources\index.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.kk-kz.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_fdf5ce_1x400.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\meta\art\03_lastfm.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\keystore\libfile_keystore_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\holoLens\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdCO365R_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\1px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\npt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActions.exsd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessDemoR_BypassTrial365-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\ar-SA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fr-FR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\SystemX86\vcruntime140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ogg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ja.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\194.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\StoreMedTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Library\Analysis\PROCDB.XLAM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\AdjacencyReport.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\CHAKRACORE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\Object.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ar\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\da\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PAPYRUS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedLargeTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsdeu.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-core-synch-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpsychedelic_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Lib3mfUAP.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\id.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderSmallTile.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppPackageBadgeLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-30_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fr-CA\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-swing-outline.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\.lastModified | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription4-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\ChronologicalResume.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square150x150Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Office16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\MTCORSVA.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\setup_wm.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\include\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Graph.exe.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\stopNetworkServer | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\vi\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\manifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\pack200.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\keytool.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BREEZE\BREEZE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CONCRETE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SUMIPNTG\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\AccessRuntime2019_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\Logo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\MusicStoreLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\Autogen\JSByteCodeCache_64 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\wsimport.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\sql90.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\ProtectionManagement.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOHTMED.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-execution.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\StudentReport.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_LogoSmall.targetsize-24.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsfin.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\vi.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\liveleak.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\PUSH.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Chevron.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyrun.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\W2.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\ielowutil.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.contrast-white_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sql2000.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\UndoConfirm.ADT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudiobargraph_a_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-synch-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\mraut.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\vccorlib140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RICEPAPR\RICEPAPR.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\EppManifest.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\bg\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.contrast-white_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\msointl30.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLUECALM\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\zlibwapi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\RedAndBlackLetter.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\VISUALIZATIONENGINE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.v11.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubMedTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-24_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\Welcome.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdCO365R_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\OFFICE16\LICLUA.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.w3c.dom.events_3.0.0.draft20060413_v201105210656.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-convert-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\client-issuance-bridge-office.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\SystemX86\mfc140enu.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedWideTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-environment-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerSmallTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\COMPASS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_window.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\SpreadsheetCompare_col.hxt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ExcelInterProviderRanker.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EDGE\EDGE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\msmgdsrv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\PlaneCutKeepTop.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-96_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Redshift\lib\OpenSSL64.DllA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\AppxBundleManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\zh-CN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\MSSRINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Trial2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Data.Recommendation.Client.Picasso.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription4-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN103.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Office Setup Controller\Office.en-us\SETUP.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\BooleanMerge.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-time-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\sunpkcs11.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libwingdi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadox28.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\MicrosoftDataStreamerforExcel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\libaudiobargraph_v_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientARMRefer2019_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\mfc140u.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusMSDNR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_torus.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\91.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\chrome.7z | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\mfc140u.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MML2OMML.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubLargeTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\javafx_iio.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\jvm.hprof.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.contrast-black_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ko\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_block_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shuttle.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\defaults\pref\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\co.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-file-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libwebvtt_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\LyncBasic_Eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL120.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\tnameserv.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLUEPRNT\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\STUDIO\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-64_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\docs.crx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\classlist | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\Document Parts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOSTYLE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\proof.es-es.msi.16.es-es.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\dcpr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.el_2.2.0.v201303151357.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART3.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\EXPLODE.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTest2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\PackageManifests\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-stdio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\HarvardAnglia2008OfficeOnline.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libps_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\DataLayer.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_LogoSmall.targetsize-256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\audio_output\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Sort\TITLE.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft.NET\ADOMD.NET\130\Microsoft.AnalysisServices.AdomdClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsharpen_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Double Wave_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\release | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-impl.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jli.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\derby_common.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sampler.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Microsoft.Office.Interop.Access.dao.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\256x256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-runtime-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jp2iexp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\MapsAppList.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\AppPackageSmallTile.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-threaddump.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\FileIcons\FileLogoExtensions.targetsize-256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nn\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libtransform_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sr.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages_zh_TW.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\ole db\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInRefocus.contrast-high_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Contrast\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\plugin.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\TextConversionModule.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdXC2RVL_MAKC2R-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_O16EnterpriseVL_Bypass30-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\MsoAriaCApiWrapper.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\HandPrints.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msspell7.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libwave_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\AppPackageMedTile.scale-100_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-fallback.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-coredump.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.it-it.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AuthoredExtensions.16.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365EduCloudEDUR_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\comments.win32.bundle | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\_Resources\2.rsrc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hu.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-compat.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-compat.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-api-progress.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\POWERPNT.HXS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\cardview-addtotable.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\ProjectionCylindric.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jsadebugd.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libdxva2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libgnutls_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicTSFrame.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\1033\msointl30.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-private-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\vcruntime140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\move.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\plugin-container.exe.sig | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\skins\fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp6-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\LogoImages\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\gstreamer-lite.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fonts\LucidaBrightRegular.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubWideTile.scale-125_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdCO365R_SubTest-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_f14\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.DataWarehouse.Interfaces.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\newgrounds.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageSmallTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\et-EE\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_LogoSmall.targetsize-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libtextst_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\PhotoAcq.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\nb-NO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SATIN\SATIN.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.FileUtils.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsptb.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\SystemX86\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.dcfmui.msi.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\error_window.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019DemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\da\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsjpn.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msader15.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\System\ole db\xmlrwbin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\lcms.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\j2pcsc.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerMedTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Services\verisign.bmp | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msaddsr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\as80.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MINSBROAMINGPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\AFTRNOON\AFTRNOON.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SKY\SKY.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppPackageMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PowerPointInterProviderRanker.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Library\SOLVER\SOLVER32.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msotd.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\SplashScreen.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-40_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\README-JDK.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_win7.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp3-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\AXIS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\VBA7.1\1033\VBCN6.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\librtpvideo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\charsets.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\management\management.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\meta_engine\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_de_DE.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART11.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVOrchestration.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lg\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraMedTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.2.24002.0_neutral_~_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mk.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\5694B7BF-F90B-4679-9705-6AD758B21BEB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\sunmscapi.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_EnterpriseSub_Bypass30-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART6.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\uarrow.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-001B-0000-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\8.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\management\jmxremote.password.template | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\shapes_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\HeroHelp\Scenario1.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp4-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019MSDNR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.MsoInterop.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msth8ES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_x64__8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core_2.3.0.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_PrepidBypass-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-locale-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraLargeTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\WINWORD_COL.HXC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\CHICAGO.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\ALRTINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\mobile_browse.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_xml.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\et.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\cmm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\168.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\WideLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-core-xstate-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\rmid.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-templates.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\cursors\win32_CopyDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mscss7cm_es.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\asl-v20.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\offsym.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSGR8FR.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\Keywords.HxK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\Sybase.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\AppSharingChromeHook.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\tr-TR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\tnameserv.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\Attribution\weather_2_travel.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\ThinAppXManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosMedTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_TileLargeSquare.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedSmallTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\core\locale\org-openide-filesystems_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\AccessRuntime_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\MLASeventhEditionOfficeOnline.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-process-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-40_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jp2launcher.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_f4\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\verify.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\MAPISHELLR.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\tzdb.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libskiptags_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup-impl.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessPipcDemoR_BypassTrial365-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvm.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_222222_256x240.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libparam_eq_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_w1\WA104381125 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\modules\simplexml.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019XC2RVL_MAKC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-convert-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pt-BR.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-utilities.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EXPEDITN\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-core-kit.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\JitV.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\ole db\xmlrw.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Ion.thmx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7TSFrame.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-72_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\mshwLatin.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\cldrdata.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\ApothecaryResume.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\NETWORK\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\AppPackageWideTile.scale-100_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\bg-BG\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\js\jquery.jstree.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\assets\assets\images\assets_picker-account-addPerson-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uz.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVManifest.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\SQLite3Wrapper.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ko-kr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsita.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\as90.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\SmallLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\Triedit\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director_2.3.100.v20140224-1921.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\CSS7DATA000C.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libx264_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\keytool.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-coredump.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\it\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInRefocus.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\dcfmui.msi.16.en-us.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\proof.en-us.msi.16.en-us.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\AppList.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\libEGL.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\org-openide-modules.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Interceptor.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubBadgeLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\is.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppvIsvSubsystems32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderMedTile.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_TileMediumSquare.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\holoLens\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-charts.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\PPSLAX.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Skins\Revert.wmz | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraMedTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubWideTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\PlatformCapabilities\WordCapabilities.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\OCLTINT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\ClientWMIInstall.mof | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\DbgHelp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Latn-RS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-cli.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CONCRETE\CONCRETE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\EmbossContour.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\osmuxmui.msi.16.en-us.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\tmpersistence_xl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\MediaReceiverRegistrar.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-core-io-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libnetsync_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\zip.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\VBA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp4-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Client\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL104.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_70.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticnotification.exsd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOSYNC.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libmft_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019MSDNR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\DEEPBLUE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinTabControl.v8.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Tw Cen MT-Rockwell.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-util-enumerations.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\MSJHBD.TTC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\30.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-string-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\Microsoft.Office.Tools.Common.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalPipcR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\STRTEDGE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_cone.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Internet Explorer\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription4-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL116.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Moon_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\am.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\1033\SQLENGINEMESSAGES.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CAPSULES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Filters\odffilt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\EXCELPLUGINSHELL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mscss7en.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedAppList.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\hmmapi.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Retail2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derby.war | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Cyrl-BA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Sort\YEAR.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\sbicuin58_64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\System\ado\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\psfont.properties.ja | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdCO365R_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Sort\TAG.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RADIAL\RADIAL.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\40.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\javacpl.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-64_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019XC2RVL_MAKC2R-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\nacl_irt_x86_64.nexe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jdwp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusE5R_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\APPLAUSE.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\powerpoint.x-none.msi.16.x-none.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jli.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.HostIntegration.Connectors.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OsfTaskengine.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-nodes.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdXC2RVL_MAKC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\pl-PL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\ktab.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\proofing.msi.16.en-us.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ar-SA\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOMessageProvider.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ja\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\granite.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\3px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\3RDPARTY | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\jawt.lib | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\fi\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\4.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\orbd.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\access-bridge-64.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\hive.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.contrast-white_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\MapsSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\CubeTile_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\zh-TW\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\java.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\Integrator.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_SplashScreen.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppPackageStoreLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-36_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fi-FI\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderAppList.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-white\AppPackageLargeTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipscsy.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremDemoR_BypassTrial365-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderLargeTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pl.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\sound.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\COMPASS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\liboggspots_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office15\pkeyconfig-office.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial1-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\iheart-radio.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\pkeyconfig-office.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OARTODF.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jsdt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\server\classes.jsa | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\DESIGNER\MSADDNDR.OLB | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ICE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\MSSOAPR3.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages_ja.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\da\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\NamedUrls.HxK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Violet.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PersonaSpy\office.core.operational.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\assets\assets\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\vccorlib140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription1-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalDemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\Group.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\heart.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\de.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-001F-0409-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BREEZE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\SystemX86\vccorlib140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\iheart-radio.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\155.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskclearui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-queries.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\VISUALIZATIONCHART.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\cmm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProO365R_SubTest-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.docs.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-explorer.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MUAUTH.CAB | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-64_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.hu-hu.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\FlickLearningWizard.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\uz\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\MusicStoreLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-256_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\SharePointPortalSite.ico | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_~_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\Common.FileUtils.Resources.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.w3c.dom.smil_1.0.0.v200806040011.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\Logo.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\classlist | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProCO365R_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.WindowsAzure.StorageClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\10px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.registry_3.5.400.v20140428-1507.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows NT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\W1.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-time-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_flat_10_000000_40x100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL090.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Northwoods.Go.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.contrast-black_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.DataWarehouse.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_mosaic_bridge_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\nbexec.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdO365R_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\IA2Marshal.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\sd\icecast.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-24_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\sunec.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\ucrtbase.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_autodel_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\content-types.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Rectangle_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-cli.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdXC2RVL_MAKC2R-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProXC2RVL_MAKC2R-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSmallTile.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderWideTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\PlaneCutMove.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessPipcR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\29.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\AppvIsvSubsystems64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN114.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SPRING\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SUMIPNTG\SUMIPNTG.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsMedTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\fishfosl.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppPackageSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-oql.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\DRUMROLL.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\create_stream.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\BooleanIntersect.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_pl.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\security\cacerts | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN048.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Compression.Base.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\174.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mscss7wre_fr.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msgrammar8.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\StoreLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019XC2RVL_MAKC2R-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\IRIS\IRIS.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.DataIntegration.FuzzyMatching.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\setEmbeddedCP.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProCO365R_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\13.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Delete.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\ESEN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\7.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\powerpoint.x-none.msi.16.x-none.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\0.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\CancelGlyph.16.GrayF.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\proof.fr-fr.msi.16.fr-fr.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_65_ffffff_1x400.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmprph.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\172.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\resources.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Contrast\Contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_sphere.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\tzmappings | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\StoreSmallTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-queries.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_nv12_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\1033\MSOINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\8px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\unpack200.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.Excel.AdomdClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.forms_3.6.100.v20140422-1825.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessR_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\Attribution\accuweather.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\nb-NO\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-attach.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RCom.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-swing-plaf.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.ReportingServices.ReportDesign.Forms.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSplashScreen.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\NavColumn_Black\Icon_Printer.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-actions_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProXC2RVL_MAKC2R-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\mecontrol.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\LoanAmortization.xltx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libvnc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MsMpRes.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\msjet.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\11.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\rsod\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSO40UIRES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\MS.JPG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\AppList.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Media Player\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\sound.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_PrepidBypass-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fi-FI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Bears.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.sig | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses\c2rpridslicensefiles_auto.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\excel-udf-host.win32.bundle | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.XlsIO.Base.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEERR.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL112.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\es\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libscte18_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libaribcam_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\OrangeCircles.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\client-issuance-root.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmlaunch.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\NewScene.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_PrepidBypass-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SATIN\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotionblur_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\nbexec.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLUEPRNT\BLUEPRNT.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libbluescreen_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000011\FA000000011 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedSmallTile.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\schemagen.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\offsyml.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\TextConv\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft.NET\ADOMD.NET\130\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessPipcR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Icons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.contrast-black_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_gtk.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\IETAG.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.pt-pt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019MSDNR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProXC2RVL_KMS_ClientC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-file-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Web Server Extensions\16\BIN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSansBold.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\es-MX\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019XC2RVL_MAKC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\cldrdata.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Excel.MDXQueryGenerator.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\VBA7.1\1033\VBUI6.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-multibyte-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office 15\ClientX64\IntegratedOffice.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerLargeTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_cube.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\Microsoft.ReportingServices.Authorization.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditRichCapture.contrast-high_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_gather_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-synch-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\classfile_constants.h | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\VVIEWRES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdO365R_SubTest-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN120.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\30.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ku.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\da.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_~_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\tr-TR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.DocumentServices.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\GRAPH.ICO | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Tools.Base.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Top Shadow.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Organic.thmx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProXC2RVL_KMS_ClientC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.DBConnection.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\video_output\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\clone.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\charsets.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\hr\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\WATER\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OSFPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Triangle.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\appletviewer.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\security\blacklisted.certs | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\sql90.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mai\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\82.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-256_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\sqmapi_x64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerMedTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\150.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\leftnav.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-uisupport.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\THIRDPARTYLICENSEREADME.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor_1.0.300.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalPipcR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Mail\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\oledb32r.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\iexplore.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-xstate-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\as90.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\DcfMsoWrapper.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditRichCapture.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosWideTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\LightBlue.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdO365R_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\MS.MSOUC.16.1033.hxn | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PROFILE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-multiview.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square44x44Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\NL7MODELS0009.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\adal.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\EXCELPLUGINDATAPROVIDER.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender Advanced Threat Protection\en-US\MsSense.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.ReportingServices.ReportDesign.Common.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\sbicuuc58_64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.Misc.v11.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CONCRETE\CONCRETE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sqlpdw.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ExcelFloatieTextModel.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-20_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20140512-1650.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\sunec.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Georgia.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Mso98win32client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditMoment.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubMedTile.scale-200_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-io_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\Addons\OneDriveSetup.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\fre\StartMenu_Win8_RTL.mp4 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\PROOF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Defender\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosAppList.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\npvlc.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\pitissue.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\lt.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\manifest.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019MSDNR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\orcl7.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\Logo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\jni.h | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office16\OSPPREARM.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\AppPackageSplashScreen.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-core.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\CLVIEW.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\meta-index | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\sunpkcs11.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\MICROSOFT.DATA.RECOMMENDATION.COMMON.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PG_INDEX.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\meta\art\00_musicbrainz.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libgme_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\pt-BR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\instrument.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\XML2WORD.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\STRTEDGE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial5-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\HelpIcon_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\167.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\si.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\msvcp120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial4-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\el-GR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskclearui\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\StoreLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-48_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosMedTile.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\jfxrt.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\CLVWINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\TYPE.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Ratings\Yelp9.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-dialogs.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-uihandler.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-private-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ku-ckb.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVPolicy.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ko\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdO365R_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpSvc.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_cylinder.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Wordconv.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\WATERMAR\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffd27a_256x240.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-24_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macGrey.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\msmdlocal_xl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\STRTEDGE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\wordmui.msi.16.en-us.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\Rotate.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest1-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\hprof-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSSP7EN.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\eo.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-xstate-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages_ko.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\splash.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosSmallTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RInt.16.msi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\linkedin_ghost_school.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Ratings\Yelp10.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_pyramid.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\Weather_TileLargeSquare.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\security\javaws.policy | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-api.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019MSDNR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubSmallTile.scale-125_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\osfFPA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PROFILE\PROFILE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_x64__8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\af.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SDXHelperBgt.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageMedTile.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\InputPersonalization.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsplk.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-001F-0C0A-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Ion Boardroom.thmx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInCinemagraph.contrast-high_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.http.jetty_3.0.200.v20131021-1843.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\StoreLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageStoreLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\jce.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp4-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\FSTOCK.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\DESIGNER\MSADDNDR.OLB | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\Content.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libhttps_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\uk-UA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ar.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\offsymsb.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\BI-Report.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000008\FA000000008 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Blue Green.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosLargeTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\soundcloud.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-text.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Office.PowerPivot.ExcelAddIn.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-time-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libinvert_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-heap-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\zh-CN.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\xmsrv_xl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\mfc140u.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\WINGDNG3.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\sql70.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderWideTile.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\Ungroup.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\173.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libsdp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Client.Excel.Extensions.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\jfluid-server-15.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\VPREVIEW.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-private-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ps\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmpnetwk.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.tr-tr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npdeployJava1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\management.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019DemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN027.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-convert-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsSmallTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-64_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\7-Zip\Lang\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gl.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages_sv.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\IRIS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libwgl_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_EnterpriseSub_Bypass30-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\win32\jawt_md.h | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\201.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender Advanced Threat Protection\WATPCSP.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-24.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\IVY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\desktop\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\DataStreamerLibrary.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Resources\cursorXBOX_active.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup-impl.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\sql120.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Microsoft.Office.PolicyTips.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLUECALM\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square44x44Logo.targetsize-48_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp4-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\proof.en-us.msi.16.en-us.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Office Setup Controller\Office.en-us\BRANDING.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ka.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Licenses16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Cultures\OFFICE.ODF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SLATE\SLATE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sv\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSSP7FR.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\bci.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.contrast-black_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX40.exe.config | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\STSUPLD.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mip_telemetry.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\Icons_Icon_PoP_sm.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\security\blacklist | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.contrast-black_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\TimeCard.xltx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderMedTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\ResetCoord.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_ko_KR.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\GRAPH.HXS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FilterModule.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ga.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-api-visual.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-ui.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_TileSmallSquare.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\v8_context_snapshot.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\be\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\91.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProCO365R_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentDemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\REFSPCL.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchMedTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\jvmti.h | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\sunmscapi.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-math-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinTabControl.v11.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.et-ee.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\i640.cab.cat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Common\ReadMe.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\mobile.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.contrast-black_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\VVIEWDWG.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.ReportingServices.RsClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL002.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SONORA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-core-file-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\TextConv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fonts\LucidaSansDemiBold.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageStoreLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\browser\VisualElements\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libvhs_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\MicrosoftDataStreamerforExcel.vsto | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\jvm.lib | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-api-caching.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.DatabaseServices.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\vcruntime140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Security\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\liblogger_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1665.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-conio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-36_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.http.servlet_1.1.500.v20140318-1755.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\extensions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.winmd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\.lastModified | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\index.win32.stats.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\IGX.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\osmuxmui.msi.16.en-us.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\Blog.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado21.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mac.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-oql.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmirror_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchSmallTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-24_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\cmm\GRAY.pf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.commons.logging_1.1.1.v201101211721.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\GB.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-localization-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\plus.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-environment-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProO365R_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Templates\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Density_Hollow.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL054.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist_jstree.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\Rotate.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\ro-RO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription5-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Advertising\ormma.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SAMPLES\SOLVSAMP.XLS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libudp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSmallTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.pt-br.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\native2ascii.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EXPEDITN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ug.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme_0.9.300.v20140424-2042.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\StoreMedTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\Logo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\MSQRY32.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\AppxClickHandler.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\xmsrv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\lv-LV\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ta.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\glib-lite.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\METCONV.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Banded Edge.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\LibCurl64.DllA\libcurl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-24_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-convert-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Ratings\Yelp6.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosSmallTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockMedTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\java_crw_demo.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libmpg123_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOHTMED.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\Logo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_TileWide.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_avi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019DemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mip_upe_sdk.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\blocklist.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\WMPMediaSharing.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_x64__8wekyb3d8bbwe\Assets\Sounds\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription4-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdO365R_SubTest-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-locale-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\Informix.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\i640.hash | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Chevron_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\stdole.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\Offline\OfflineScannerShell.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Consolas-Verdana.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLENDS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RADIAL\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmicrodns_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\servertool.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\toc.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\System\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\191.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOARIACAPI.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\libvlccore.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Blue II.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\Microsoft.PowerBI.Diagnostics.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-time-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\dcf.x-none.msi.16.x-none.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\uninstall\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libshm_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-text.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-services.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\chrome_proxy.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\WIND.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOSPECTRE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\as90.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\86.0.4240.111.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square44x44Logo.targetsize-24_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable_1.4.1.v20140210-1835.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubStoreLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ARCTIC\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libcrystalhd_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square44x44Logo.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdCO365R_SubTest-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\cs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-36_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdCO365R_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libx265_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\12.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-actions.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Reflection.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\fre\StartMenu_Win10_RTL.mp4 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\batch_window.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\WINWORD_COL.HXT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-options.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdCO365R_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BOLDSTRI\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\js\ui.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Microsoft.Vbe.Interop.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\WideLogo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\82.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-24.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\OpenSSL64.DllA\zlibwapi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\osmux.x-none.msi.16.x-none.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libgestures_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\LISTS\1033\TIME.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.configuration_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-io-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\1033\ODBCMESSAGES.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\mr.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.xml_1.3.4.v201005080400.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-spi-actions.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-utility-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\meta\art\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.descriptorProvider.exsd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvmstat.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\Configuration\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\WideLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\it-IT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pt-br.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Library\SOLVER\SOLVER.XLAM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\en-us\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-processthreads-l1-1-1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdO365R_SubTest-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\bwclassic.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\liberase_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\Defendericon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpAzSubmit.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-api-search.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-heapwalker.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-00C1-0000-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sql2000.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\5.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\glass.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\configuration\org.eclipse.update\platform.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-execution.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\WATERMAR\WATERMAR.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\MSBuild\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\3.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi_3.10.1.v20140909-1633.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockSmallTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\POWERPNT_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL086.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Client.Excel.Themes.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\mfc140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\profilerinterface.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\WideLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019XC2RVL_MAKC2R-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSPPT.OLB | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\keystore\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\sd\jamendo.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-api.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL111.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Icon.targetsize-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-36_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraLargeTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProXC2RVL_KMS_ClientC2R-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSO0127.ACL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libantiflicker_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Cyrl-RS\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\C2R32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\Audio-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\PlatformCapabilities\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libheadphone_channel_mixer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmplayer.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\55.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\security\cacerts | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\SETLANG_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.contrast-black_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\es\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL027.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SpreadsheetIQ.ExcelServices.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-options-keymap.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_PrepidBypass-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-xstate-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\Welcome.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Trial2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\concrt140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\W4.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\startNetworkServer.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\QUAD\QUAD.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-multibyte-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ar\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\BooleanSubtract.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\tabskb.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\javafx.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdXC2RVL_MAKC2R-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchLargeTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\cs.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\status.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\java-rmi.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fontconfig.bfc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\lv\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jfxmedia.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app_1.0.300.v20140228-1829.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\trdtv2r41.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.ExcelServices.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\dropins\README.TXT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSSP7EN.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\security\java.security | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\bouquet.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbytools.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ECHO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\WordCombinedFloatieModel.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\modules\host.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_wasapi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubBadgeLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Advertising\bootstrap.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\AppPackageStoreLogo.scale-100_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-256_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jcmd.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\management\management.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.services_3.4.0.v20140312-2051.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Microsoft.Office.Interop.Excel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javafxpackager.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\th\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OSFSHARED.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Mso50win32client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskclearui\oskclearuibase.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\STSLIST.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosLargeTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubSplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20140422-1847.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\MS.SETLANG.16.1033.hxn | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\msmdlocal.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\msvcr120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-keymap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libanaglyph_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.dba79ab6.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\NewCommentRTL.White.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\update-settings.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\W5.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-progress-ui.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoDev.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\client-issuance-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Spatial.NetFX35.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\BREEZE.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\logging.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\SmallLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CANYON\CANYON.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\THEMES.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\crashreporter.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\purmesh.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\ConvertToUndo.wma | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\203.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\meta-index | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdCO365R_SubTest-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\WacLangPack2019Eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\ISO690Nmerical.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libalphamask_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-compat.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\ARIALNI.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\db\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_f14\FA000000014 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Resources\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\en.ttt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-timezone-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdXC2RVL_MAKC2R-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Redshift\lib\sbicudt53_64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\FM20ENU.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\descript.ion | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentVNextR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsfra.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Resources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-settings.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Library\EUROTOOL.XLAM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Source Engine\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Microsoft.Office.Interop.Access.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\MSCOMCTL.OCX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\browse_window.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\images\cursors\win32_LinkNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Uninstall.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-keyring.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\AppPackageSplashScreen.scale-100_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SATIN\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.common_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-util-enumerations.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RADIAL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskpred\oskpredbase.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\j2pcsc.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\Sybase.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderMedTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.id-id.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\msoe.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockWideTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\Weather_TileSmallSquare.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\tpcps.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProCO365R_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\VVIEWER.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdO365R_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Common.Wizard.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ExcelFloatieXLEditTextModel.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\vcruntime140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\FileIcons\FileLogoExtensions.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.batik.util_1.7.0.v201011041433.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProXC2RVL_KMS_ClientC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BOLDSTRI\BOLDSTRI.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\msmdlocal.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fil.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoBeta.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_tetrahedron.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Trial2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\DBGHELP.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msowerrelief.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOIDCLIL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\ApothecaryNewsletter.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-string-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-256_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.OSMUX.OSMUX.x-none.msi.16.x-none.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdO365R_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\en-US\WinMail.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\158.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsptg.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\external_extensions.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_hexagon.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Mso30win32client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui_3.106.0.v20140812-1751.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\casual.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\az\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\libremoteosd_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\win32\bridge\AccessBridgeCallbacks.h | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-white\WideTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fr.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Frosted Glass.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Inset.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdCO365R_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Retail2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Oval.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-modules.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\jfr.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square310x150Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\th\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository_1.2.100.v20131209-2144.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentDemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libtwolame_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\paperbag.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\189.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\C2R64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\NewCommentRTL.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\resources.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\applet\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\182.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderWideTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\logo.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-startup.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpUXSrv.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-tw.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javac.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libimage_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ARCTIC\ARCTIC.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ro.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial4-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalPipcR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\osmdp64.msi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\TextIntelligence.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\VEN2232.OLB | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmpnetwk.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\AppPackageBadgeLogo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\System\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\fi\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchSmallTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockSmallTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Shell\Themes\Glyphs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONLNTCOMLIB.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.bmp | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msotdaddin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\vcruntime140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription1-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\en\LocalizedStrings.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\JOURNAL\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ExcelCtxUICellLayoutModel.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\libvlc.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\hi\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\VOLTAGE.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\pl\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\CancelFluent.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEEXCL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019XC2RVL_MAKC2R-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest5-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Document.XmlSerializers.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\Microsoft.PowerBI.AdomdDataExtension.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL082.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\23.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\Alphabet.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-core-file-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-private-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Updates\Download\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\WinMail.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraAppList.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\69.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedWideTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_18_b81900_40x40.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial4-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sql90.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-multitabs.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\WATER\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\AppXManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\System.ValueTuple.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Templates\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\AppList.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\tabskb.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jfr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\SETLANG_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Client.Windows.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\Attribution\weatherdotcom.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-dialogs_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\EXCEL_WHATSNEW.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProCO365R_SubTest-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\TimelessResume.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\cpprestsdk.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-file-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng2.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\VGX\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\THIRDPARTYLICENSEREADME-JAVAFX.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\ct.sym | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscene_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoDev.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\javaws.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d11_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\Scale.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSWORD.OLB | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-charts.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-conio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\rmid.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\sttionry.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\ko-KR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\AppList.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\66.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtospdif_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\SmallLogo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\bn.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProO365R_SubTest-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\WideLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\en-US\wab32res.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\NetworkServerControl.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000050\FA000000050 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\ENES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsSplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jrunscript.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_O17EnterpriseVL_Bypass30-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets_1.0.0.v20140514-1823.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-20_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-72_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\sqloledb.rll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.scale-100_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fr.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\POWERPNT_COL.HXC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_20_666666_40x40.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\LargeLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\AXIS\AXIS.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\mashupcompression.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\C2R32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\LargeLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\es-ES\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\idlj.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-output2.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.PowerBI.AdomdClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_BadgeLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base_rtl.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\zh-TW.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\security\blacklist | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.contrast-black_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Resources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ARCTIC\ARCTIC.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipskor.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\rtscom.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\BooleanIntersect.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\SkypeForBusinessVDI2019_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpuzzle_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\sunec.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\osclientcerts.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\qipcap64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-core-kit.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\manifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RICEPAPR\RICEPAPR.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\rmid.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.services_1.1.0.v20140328-1925.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-swing-plaf.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msth8EN.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\it\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\uk\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-awt.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-api.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\ZeroByteFile | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\MSYHBD.TTC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\trdtv2r41.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\psfontj2d.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OWSCLT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\10px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages_es.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help_3.6.0.v20130326-1254.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalPipcR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\ProjectionCylindric.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-256_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\javafx.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\tr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp4-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\AppList.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_wav_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\RenderingControl_DMP.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Calibri.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\strings.resjson | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\dbghelp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_150.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ru.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProXC2RVL_MAKC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\chess.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libkate_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\d3d9\libdirect3d9_filters_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderMedTile.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs-nio2.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInRefocus.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\ClientCapabilities.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-core-kit.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\move.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\orcl7.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp4-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019MSDNR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CAPSULES\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_LogoSmall.targetsize-24.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Office 2007 - 2010.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-output2.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\rt.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.VisualElementsManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\New_Skins.url | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-awt.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\Library\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\ADALPREVIOUS.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\uninstall.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\AdjacencyLetter.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\DocumentRepository.ico | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradfun_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.metadata.repository.prefs | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ru-RU\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-environment-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Mso98win32client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\vccorlib140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-options_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-tools.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\EssentialResume.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\System\msadc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubAppList.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Resources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msador28.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageLargeTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Wordcnvr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsAppList.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Facet.thmx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubAppList.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\security\java.security | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\jfr\profile.jfc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSORES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_dummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libcaca_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ExcelCtxUIFormulaBarModel.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\Word 2010 look.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\199.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\32.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.commands_3.6.100.v20140528-1422.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_tetrahedron.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\STUDIO\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\pt-BR\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\librawaud_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\db\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\nio.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\1033\PGOMESSAGES.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\sl-SI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.contrast-white_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\excel.x-none.msi.16.x-none.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-36_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageStoreLogo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\images\cursors\win32_CopyDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msth8ES.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Ratings\Yelp3.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Integration\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\CASHREG.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-core-file-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\verify.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription5-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\org-openide-util.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\VBA\VBA7.1\VBEUIRES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Web Server Extensions\16\BIN\FPWEC.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\kinit.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\.lastModified | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Grid.Grouping.Base.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\protocolhandler.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\QUAD\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-256_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-tools.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msxactps.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientLangPack_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Arrow_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedAppList.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.Excel.Tabular.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\vccorlib140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\pt-BR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\core\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-favorites.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-core-file-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\Video-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Icon_Materials.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\libEGL.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\high-contrast.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\GKPowerPoint.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.contrast-white_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\LAYERS\LAYERS.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RMNSQUE\RMNSQUE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\TracePublish.inf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-core-timezone-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\16\Built-In Building Blocks.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Library\Analysis\ATPVBAEN.XLAM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\boxed-correct.avi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART8.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\5.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\setNetworkServerCP | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\logo.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSHY7ES.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\WORDICON.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\excelmui.msi.16.en-us.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\lgpllibs.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsAppList.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\en\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSSP7ES.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\libGLESv2.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\linkedin_ghost_profile.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_LogoSmall.targetsize-256_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-runtime-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\MapsLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\QUAD\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Corbel.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\javafx_iio.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-locale-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProO365R_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Green Yellow.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mscss7cm_fr.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\LTSHYPH_FR.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SLATE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft.NET\ADOMD.NET\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square71x71Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Red.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ko\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\mfc140u.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\configuration\org.eclipse.update\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\cmm\CIEXYZ.pf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\AppPackageSplashScreen.scale-100_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\Object.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\parchmnt.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nn.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-remote.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProMSDNR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\AFTRNOON\AFTRNOON.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\micaut.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipshe.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\39.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-remote.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Blue.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.Proof.Culture.msi.16.fr-fr.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\NativeShim.Resources.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sv.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\BooleanMerge.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-32_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\bn.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PROTTPLV.PPT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalPipcDemoR_BypassTrial365-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\PROOF\MSWDS_ES.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\HxRuntime.HxS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockLargeTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.databinding_1.6.200.v20140528-1422.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_PrepidBypass-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\TURABIAN.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-60_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProMSDNR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipscht.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jmap.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\sql70.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskpred\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\vccorlib140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL102.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppPackageAppList.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\NOTICE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\orcl7.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\excelcnvpxy.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\BillingStatement.xltx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_TileWide.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\plugin.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\WordNaiveBayesCommandRanker.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderLargeTile.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-core-localization-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\MSOERES.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\6.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\msvcp120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Security\BrowserCore\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Slipstream.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ky\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\fre\StartMenu_Win10.mp4 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\xul.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraAppList.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square44x44Logo.targetsize-48_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-awt_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProO365R_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\GrooveIntlResource.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\DefenderCSP.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Controls\EndOfLife\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Sort\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\Hx.HxT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\PROOF\MSWDS_EN.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libripple_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\W7.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\eula.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessPipcR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\WORD_WHATSNEW.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.ReportingServices.Interfaces.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\OriginLetter.Dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpostproc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest4-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription1-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\access\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\BooleanSubtract.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\PowerPivotExcelClientAddIn.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\libGLESv2.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\29.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-32_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Resources\1033\msolui.rll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluHandle.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-core-multitabs.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription4-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Retail2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RHeartbeatConfig.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_it.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\Attribution\holiday_weather.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.contrast-white_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-core-output2.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\manifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-black\SmallTile.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jaas_nt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\core\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\Accessories\wordpad.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\README.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\de\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\FREN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\SystemX86\mfcm140u.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubStoreLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.p2.ui.overridden_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL078.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_es_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-swing-tabcontrol.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\VERSION.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\javafx_font_t2k.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\sfodbc.did | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.Data.DataFeedClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Soft Blue.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\msitss55.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\OFFREL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Uninstall Information\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\Logo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OSF.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\sunmscapi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ca\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\modules\sandbox.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square44x44Logo.targetsize-16_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\ucrtbase.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\SEGOEUISL.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PROTTPLN.PPT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ipcsecproc.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\WISC30.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MYSL.ICO | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\System\Ole DB\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\Logo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ta\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\VCCORLIB140_APP.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\plugin-hang-ui.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\TipRes.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\boot.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\powerpoint.x-none.msi.16.x-none.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libadf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-api-search.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\8.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvStreamingManager.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\NavColumn_Black\Icon_Finish.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_w1\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\WHOOSH.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\rmiregistry.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Grayscale.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\as80.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\SmallLogo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jconsole.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\19.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019XC2RVL_KMS_ClientC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART9.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\AXIS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.contrast-white_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_f3\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Portal\PortalConnectCore.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Density_Selected_Light.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-options.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderLargeTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-services.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019XC2RVL_MAKC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\LargeLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderSmallTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\TimelessReport.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\8-Point Star_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SLATE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\trophystar.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\jsse.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\management\snmp.acl.template | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.contrast-white_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.Data.ConnectionUI.Dialog.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\nl.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\cursors\win32_MoveDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\powerpointmui.msi.16.en-us.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_torus.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdaprst.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.alert_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-locale-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\hmmapi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\etc\visualvm.conf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office16\SLERROR.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\shellext.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\hr-HR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipssve.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\NETWORK\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosAppList.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\Group.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\IPSEventLogMsg.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\bin\plugin2\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\MpAsDesc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-search_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-swing-outline.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.Loader.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OUTLFLTR.DAT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\office32mui.msi.16.en-us.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\powerpivot.x-none.msi.16.x-none.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-execution.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_f2\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\ProtectionManagement.mof | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\6px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\170.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-nodes.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\StickySelection.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbynet.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\CSIRESOURCES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\HeartbeatConfig.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office 15\ClientX64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\kcms.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ExcelCtxUICellModel.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-ui.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\msvcr120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraWideTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubStoreLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Roses.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\DBGHELP.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\MSIPCEvents.man | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-print.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\StoreLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msoasb.exe.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX45.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EDGE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-3102-0000-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp2-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\README.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\MSOINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosSmallTile.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\SplashScreen.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\Simplify.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ml\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-utilities.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\zh-CN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base_ca.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-convert-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PIXEL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.AnalysisServices.Excel.BackEnd.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\185.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sw.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-keymap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\WordInterProviderRanker.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\AccessibleHandler.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\mpuxhostproxy.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\walnut.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOInstallerUI.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.di.extensions_0.12.0.v20140417-2033.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PREVIEWTEMPLATE2.POTX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\PhotoViewer.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_BadgeLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\core\locale\core_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_f33\FA000000033 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_srt_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\Movie-TVStoreLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_LogoSmall.targetsize-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\sdxs.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Red Orange.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusDemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL096.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageSplashScreen.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kaa.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\es.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\StickySelection.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\5.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\sqloledb.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ne\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmpnssui.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages_it.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bn\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.contrast-black_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\AFTRNOON\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\images\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\lv.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\COPYRIGHT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\2px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\Microsoft.VisualStudio.OLE.Interop.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nssckbi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\skin.dtd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\javacpl.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\DUBAI-LIGHT.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libcc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\bg-BG\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-api.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\SelectAll.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\Weather_LogoSmall.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2R64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\images\cursors\invalid32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\BOMB.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\15.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppvIsvSubsystems64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\an.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\REFINED\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Density_Medium.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\Microsoft.Advertising\ormma.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\nio.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-80_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\pt-PT\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libsmb_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Icon.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\DocumentFormat.OpenXml.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\HeroHelp\Scenario2RTL.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\System\ole db\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\http.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\POWERPNT_COL.HXT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\Library\Analysis\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\SIGNUP\install.ins | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sa.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardMSDNR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Delete.White.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\MusicStoreLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_LogoSmall.targetsize-32.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\187.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessR_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\ChronologicalLetter.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\StoreLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-localization-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msth8FR.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_LogoSmall.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-32_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.SPClient.Interfaces.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\gl\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\adcvbs.inc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-00C1-0409-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\RICHED20.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\ucrtbase.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\197.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.th-th.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\offsymk.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TEXTCONV\WPFT632.CNV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sl.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Author2XML.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\Common.PasswordManager.Resources.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\SplashScreen.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\AppPackageBadgeLogo.scale-100_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fa.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Aspect.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EVRGREEN\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PAPYRUS\PAPYRUS.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000006\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CONCRETE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_wedge.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msoutilstat.etw.man | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SkypeSrv\SKYPESERVER.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial1-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN065.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\MapsSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\XLMACRO.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Shims.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\vi.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\COPYRIGHT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\Folder-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libstats_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\offsymxl.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\wordEtw.man | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\application.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\trainengine.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_basestyle.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-72_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\DeselectAll.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Configuration\card_security_terms_dict.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RIPPLE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Blue Warm.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\core\core.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_f33\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\7-Zip\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PIXEL\PIXEL.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\LoadIconRTL_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\mobile\en-GB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessR_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\WINWORD.HXS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageWideTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_ViewOnly_ZeroGrace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\vocaroo.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\jfxrt.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\custom.lua | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\he.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Redshift\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SONORA\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\VBAOWS10.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\brmarble.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\t2k.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\excel.x-none.msi.16.x-none.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\FlickAnimation.avi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN097.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\SplashScreen.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libsftp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-core-output2.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Exchange.WebServices.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.es-es.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Checkmark.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\dailymotion.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatializer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditMoment.contrast-high_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square44x44Logo.targetsize-24.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageLargeTile.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN082.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditRichCapture.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\AppPackageLargeTile.scale-100_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-heapdump.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessDemoR_BypassTrial365-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-cn.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-lib-uihandler.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\TabTip.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_200_percent.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\he\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientPreview_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.SapBwProvider.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\Informix.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\SystemX86\concrt140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpAsDesc.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square44x44Logo.targetsize-16_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-queries.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\amd64\jvm.cfg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bn_IN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\MSUIGHUB.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientOSub2019_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\cacerts.pem | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\INDUST\INDUST.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\SplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\boot_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\LICENSE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\adal.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libball_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\XLICONS.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\tmcachemgr_xl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\InstallerMainShell.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\Smooth.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SkypeSrv\SFBAPPSDK.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\PushHide.pps | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_srt_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsepia_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSans.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ECHO\ECHO.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Shared.Windows.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libsapi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubStoreLogo.scale-200_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PROTOCOLHANDLERINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_elf.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\WWINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\Weather_SplashScreen.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessR_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription1-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\OpenSSL64.DllA\openssl64.dlla.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TEXTCONV\WPFT532.CNV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.contrast-black_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_KMS_Automation-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTest2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OFFSYM.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEODEXL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\QUAD\QUAD.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sk\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OFFSYMT.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sql120.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\as_IN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libexport_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Cambria.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\EmbossContour.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SUMIPNTG\SUMIPNTG.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libsatip_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\visualization\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\office.x-none.msi.16.x-none.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libscreen_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\SmallLogo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\tipresx.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\orbd.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\osmmui.msi.16.en-us.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\FepUnregister.mof | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fontconfig.bfc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365EduCloudEDUR_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\APASixthEditionOfficeOnline.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraMedTile.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\AppPackageLargeTile.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Extensions\external_extensions.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\cursors\cursors.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\d3d11\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mpjpeg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\librss_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ka\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\5694B7BF-F90B-4679-9705-6AD758B21BEB\root\vfs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\3.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.SqlServer.Types.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\playlist\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Icon.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_LogoSmall.targetsize-48_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\_Resources\0.rsrc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\gstreamer-lite.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Mso40UIwin32client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-multibyte-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000049\index.win32.bundle | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\README.HTM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcanvas_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-64.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\awt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\Pitchbook.potx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTest2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdaprsr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\COMPASS\COMPASS.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\officemui.msi.16.en-us.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProMSDNR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-core-processthreads-l1-1-1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipscat.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\bci.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\uninstall\uninstall.log | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\Logo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageSmallTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusE5R_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdO365R_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Subscription2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\ClassicPhotoAlbum.potx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\powerview.x-none.msi.16.x-none.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libvmem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\logging.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\jfr\default.jfc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-nodes_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\JoinRegister.mov | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessDemoR_BypassTrial365-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\AXIS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-math-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libdca_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-spi-actions.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Portal\1033\PortalConnect.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\8px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\32.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTrial2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SPRING\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender Advanced Threat Protection\SenseCncPS.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.ITS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-common.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ms-my.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\TipTsf.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Configuration\ssn_high_group_info.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\HAMMER.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\zh-CN\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Density_Selected_Medium.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\az.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\meta-index | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\bwcapitalized.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RICEPAPR\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\ConnectionManager.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\j2pkcs11.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\Print.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\server\jvm.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-stdio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Grid.Windows.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\osknavbase.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription5-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\WATER\WATER.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base_jpn.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base_heb.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\ImportWatch.xla | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubSplashScreen.scale-125_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Advertising\bootstrap.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\decora_sse.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\Training.potx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknumpad.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msotelemetry.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-16_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-localization-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_LogoSmall.targetsize-32.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gd\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN109.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Client.Packaging.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\excelcnv.exe.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_smem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\oracle.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-util.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000049\catalog.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinToolbars.v11.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\dumpmeta.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\WideLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\BHOINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_x64__8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench_1.1.0.v20140512-1820.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\servertool.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\XLSTART\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Office Setup Controller\Office.en-us\PSS10R.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\mobile\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial5-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProO365R_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RIntLoc.en-us.16.msi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOARIA.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PDFREFLOW.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\currency.data | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\xlsrvintl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ca.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremDemoR_BypassTrial365-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019XC2RVL_KMS_ClientC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdCO365R_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART7.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msvcr120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderAppList.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-nodes_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-core.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\office32ww.msi.16.x-none.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\en_GB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\unpack.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\MicrosoftDataStreamerforExcel.dll.config | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-core-file-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubStoreLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Office 2007 - 2010.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_ViewOnly_ZeroGrace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\cmm\sRGB.pf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\AppSharingHookController.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\iediagcmd.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jsound.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Office 2007 - 2010.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\LTSHYPH_EN.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\en-us\oregres.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SLATE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\ShadesOfBlue.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fi\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Updates\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\hrtfs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\firefox.VisualElementsManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libtimecode_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\net.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\ProtectionManagement_Uninstall.mfl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Csi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-001F-040C-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\officemui.msi.16.en-us.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\NAMECONTROLSERVER.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\Office Word 2003 Look.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription1-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\it\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\browser\features\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\omni.ja | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\6.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\dtplugin\npdeployJava1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\fre\StartMenu_Win7.wmv | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Arial.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Document.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\atl100.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Desktop.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\core\org-openide-filesystems.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019DemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\10.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-80_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\management\jmxremote.password.template | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OSFUI.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sql90.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\McePerfCtr.man | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.Proof.Culture.msi.16.es-es.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ThirdPartyNotices.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-windows.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp6-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL103.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Web Server Extensions\16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\System\ado\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-templates.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libwall_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsLargeTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\LEELAWAD.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\filecompare.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\SmallLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\NavColumn_Black\Icon_Materials.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\W0.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fr-CA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\_Resources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\SmallLogo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\Logo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\lt-LT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-stdio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Configuration\card_terms_dict.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-72_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedSplash.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusE5R_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\GostName.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN044.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubStoreLogo.scale-125_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubLargeTile.scale-200_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\asl-v20.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.base.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\ScanIcon_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\jfr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-time-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\Microsoft.Reporting.AdHoc.Shell.Bootstrapper.xap | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CASCADE\CASCADE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\status.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\libarchive_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\StoreLargeTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\clone.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\include\win32\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jmx.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\CubeTile_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Data.OData.NetFX35.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_LogoSmall.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\chrome.VisualElementsManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\VVIEWRES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\DatabaseCompare.HxS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-white\LargeTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageSplashScreen.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-core-io-ui.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AIRWER.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-spi-quicksearch.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusMSDNR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-core.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\cmm\PYCC.pf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription5-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEWDAT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\javafx-src.zip | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\management-agent.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\meta\art\01_googleimage.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Configuration\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PIXEL\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\PRIVATE_ODBC32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\GARAIT.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\sd\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_BadgeLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\packager.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\Microsoft.Reporting.Common.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.contrast-black_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOSREC.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-core-processthreads-l1-1-1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\ADAL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-runtime-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-actions.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\1036\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\Microsoft.Advertising\bootstrap.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-utility-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription1-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\CLICK.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\AppList.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\SpreadsheetCompare_f_col.hxk | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Data.Recommendation.Common.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\CHIMES.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libvc1_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\186.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\19.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019XC2RVL_MAKC2R-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdO365R_SubTest-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench_1.2.1.v20140901-1244.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProO365R_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Data.ConnectionUI.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\concrt140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Subscription2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\excel.x-none.msi.16.x-none.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\logger\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libremap_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gu.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\WindowsAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\axvlc.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\minimalist.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\prism_sw.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\MSOUC_COL.HXT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\t2k.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\policytool.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\LibCurl64.DllA\OpenSSL64.DllA\libcrypto-1_1-x64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN105.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\de-DE\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ko-KR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusEDUR_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\kk\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft.NET\ADOMD.NET\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSYUBIN7.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PerfBoost.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Web Server Extensions\16\BIN\FPSRVUTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\12.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.el-gr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\java.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square44x44Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Icon_Supports.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\lua\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_a52_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libedummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\tnameserv.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-48_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365EduCloudEDUR_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\+NewSQLServerConnection.odc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\Movie-TVStoreLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedMedTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.di_1.0.0.v20140328-2112.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\STSUPLD.INTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\cpyr.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\METCONV.TXT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ICE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\stream_out\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\skin.catalog | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\desktop.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\SplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\freebl3.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\liboldmovie_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-80_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.common.16.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\SharePointTeamSite.ico | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\GRAPH_COL.HXC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Portal\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerSmallTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadcer.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp4-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Orange.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ucrtbase.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_TileMediumSquare.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_SplashScreen.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-white\AppPackageWideTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Office.PowerPivot.ExcelAddIn.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\Microsoft.PowerBI.AdomdClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TEXTCONV\RECOVR32.CNV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\AXIS\AXIS.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ug\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\Services\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\IRIS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderMedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-0115-0409-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessR_SubTest-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\AppPackageStoreLogo.scale-100_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\db\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\oledb32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\BOOKOSBI.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubLargeTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\20.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\FileIcons\FileLogoExtensions.targetsize-20.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\proof.fr-fr.msi.16.fr-fr.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\System\Ole DB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\SkypeForBusinessBasic2019_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RICEPAPR\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-20_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\it-IT\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\contrast-white\DashboardDefaultThumbnail.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\ImagingEngine.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-24_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\flavormap.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\sfodbc_sb64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\db2v0801.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fa.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\accessibility.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\defaults\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pt.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN111.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.OData.Edm.NetFX35.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Web Server Extensions\16\BIN\FPSRVUTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\cmm\PYCC.pf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tt.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\attach.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\4-Point Star.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.rcp_4.3.100.v20141007-2301.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-views.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-multibyte-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\word2013.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\VISUALIZATIONDIRECTX.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\System\ole db\xmlrw.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\km\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tr.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-white\MedTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipssrb.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Shades of Blue.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp5-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\amd64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\split.avi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusDemoR_BypassTrial365-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\cardview-linkedentity.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_asf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.scale-100_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\applet\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-swing-tabcontrol.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_stats_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-white\SmallTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\MSOSEC.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-file-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL058.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\xmlrw_xl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\3px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-80_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fi.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOARIANEXT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\Offline\MsMpCom.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchWideTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\TellMeExcel.nrr | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ru\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProCO365R_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\AdjacencyResume.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEODATASERVICE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-core-localization-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Common.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinTree.v11.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\eu\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fonts\LucidaBrightDemiItalic.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-queries.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\dcf.x-none.msi.16.x-none.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages_zh_HK.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jfr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\lv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ro\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SKY\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdaosp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinEditors.v8.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Multimedia Platform\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\AppxClickHandler.winmd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\security\java.policy | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProO365R_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL077.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageBadgeLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\kcms.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\PushSend.mht | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libvdummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\3.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\NAMECONTROLPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraAppList.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_SplashScreen.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_~_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\plugin2\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\JOURNAL\JOURNAL.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdXC2RVL_KMS_ClientC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_shout_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_f3\FA000000003 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Redshift\lib\OpenSSL64.DllA\openssl64.dlla.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\cmm\sRGB.pf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-favorites.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\Common.ClientConfiguration.Resources.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\policytool.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\7.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\TecProxy.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Office Setup Controller\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyoptionaltools.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Send2Fluent.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\171.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\keypadbase.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\AppPackageWideTile.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\yo.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\powerpivot.x-none.msi.16.x-none.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\WINWORD.VisualElementsManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosAppList.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipshrv.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\ssvagent.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\id\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\ApiClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\da-DK\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\LibCurl64.DllA\OpenSSL64.DllA\libssl-1_1-x64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\LoadIconRTL_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\VBA7.1\1033\VBHW6.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\shellext.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\SharedPerformance.man | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\d3dcompiler_47.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Moon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdXC2RVL_KMS_ClientC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\3082\MSO.ACL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\excel.exe.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\misc.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\officemuiset.msi.16.en-us.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\fre\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender Advanced Threat Protection\SenseSampleUploader.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fi.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosAppList.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\8-Point Star.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_LogoSmall.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp6-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\hive.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jsoundds.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.contrast-black_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Edit.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraAppList.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.uk-ua.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\it.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderLargeTile.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\hu-HU\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\GreenBubbles.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\LISTS\1033\PHONE.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\SymSrv.yes | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXEV.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\StickySelection.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-runtime-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.XmlSerializers.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\microsoft.system.package.metadata\Autogen\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\PersonaSpy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\SUCTION.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msoadfsb.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MsMpLics.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp2-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-options_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\ClrCompression.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\ProjectionCylindric.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\cursors\win32_LinkDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\sqlpdw.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\OsfInstallerConfigOnLogon.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\lcms.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sr-Cyrl-BA\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\_Resources\1.rsrc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\AppvIsvSubsystems32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessPipcDemoR_BypassTrial365-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEODATA.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\MSOUC_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\3mf.ico | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\28.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\8.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Resources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-api-visual.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\powerpnt.exe.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\LEVEL\LEVEL.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019MSDNR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\GRAPH_COL.HXT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\gl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL117.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubMedTile.scale-125_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\Group.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-print.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-spi-actions.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\SplashScreen.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages_de.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RIPPLE\RIPPLE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\msvcp140_1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zh_TW\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_setid_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\SelectAll.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\klist.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\notification_plugin.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\VBA\VBA7.1\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\Simplify.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\zip.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019DemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Redshift\lib\sbicuin53_64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\ssvagent.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Rounded Rectangle_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProXC2RVL_MAKC2R-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderSplashScreen.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSO.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\156.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QRYINT32.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RMNSQUE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_TileMediumSquare.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\word.x-none.msi.16.x-none.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL121.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSSP7ES.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\TimelessLetter.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\Rotate.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\bg.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\decora_sse.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientSub_M365_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL020.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\plugin2\npjp2.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages_ja.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-sampler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\ApothecaryLetter.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\SalesReport.xltx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.runtime_3.10.0.v20140318-2214.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\151.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\proofing.msi.16.en-us.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\DcfMsoWrapper.x86.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipstr.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.artifact.repository.prefs | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProMSDNR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromaprint_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\MapsSplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\Attribution\wdt.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\FileIcons\FileLogoExtensions.targetsize-64.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\prism_common.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\xul.dll.sig | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EDGE\EDGE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\pencilbox.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-api.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\VBA\VBA7.1\VBEUI.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\cardview-linkedentity-dark.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\offset_window.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\grmarble.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Icon_Layout.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Smokey Glass.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PPT_WHATSNEW.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\THIRDPARTYLICENSEREADME.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientSub_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\upe.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\trdtv2r41.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Resources\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp2-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOCRRES.ORP | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Ratings\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\Hx.HxC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\QUAD\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libadaptive_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Ratings\yelplogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-40_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_TileLargeSquare.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial5-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000049\index.win32.stats.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest1-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\ReportingServicesNativeClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javadoc.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription4-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp5-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\OMICAUTINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ICE\ICE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSplashScreen.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-white\AppPackageSmallTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACETXT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\MSB1XTOR.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MeetingJoinAxOC.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libspdif_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-48_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\LISTS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\db2v0801.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.wordmui.msi.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\WideLogo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Shell\Themes\Glyphs\Font\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvSubsystemController.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessR_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019XC2RVL_MAKC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-heap-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\EXCEL.VisualElementsManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderSplashScreen.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoBeta.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\System\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\gimblekeychain.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Icon.targetsize-256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProO365R_SubTest-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-filesystems.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Shell\Themes\Glyphs\Font\WeatherColorIcons.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-api-caching.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Paper.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RIPPLE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\da-DK\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\sv-SE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Rectangle.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sql120.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.Misc.v8.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Times New Roman-Arial.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalPipcR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\requests\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Web Server Extensions\16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-math-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-utility-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\tmapi_xl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\Common.AuditItems.Resources.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\LibCurl64.DllA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLUEPRNT\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ast\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\iheart-radio.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\jfr\default.jfc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\new-trigger-wiz.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.AuditItems.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\move.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-60_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_x64__8wekyb3d8bbwe\Assets\Fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\ExitClear.wma | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\mobile.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\178.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageWideTile.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\deploy.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\am\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.exe.sig | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\stopNetworkServer.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository_1.1.300.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019XC2RVL_KMS_ClientC2R-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\dt_shmem.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART4.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubAppList.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\VISUALIZATIONCOMMON.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\WacLangPackEula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libttml_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-heap-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\Microsoft.Advertising\bootstrap.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_SplashScreen.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-multibyte-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Filters\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotiondetect_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\30.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\AppvIsvSubsystems32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\MSOUC_COL.HXC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\BORDERS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN020.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\msvcp120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ja-JP\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\MySharePoints.ico | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\179.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\klist.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\GRAPH_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\release | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentVNextR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOUC.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PEOPLEDATAHANDLER.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\notification_helper.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\SetupMetrics\20201028183044.pma | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\RevokeRequest.TS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\75.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ja-jp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\ktab.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Roses.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OMRAUT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-heap-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Density_Selected_Solid.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\droplets.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\WATERMAR\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\itircl55.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\ODBC\Data Sources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\Microsoft.Ink.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\el\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-modules_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fur\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\STSCOPY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\DMR_120.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\TipRes.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\PlatformCapabilities\ExcelCapabilities.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessEntryR_PrepidBypass-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.contrast-white_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ff\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmlaunch.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\SETLANG_COL.HXT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\NETWORK\NETWORK.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Garamond.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription4-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdemuxdump_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_cube.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.officemuiset.msi.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\kk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinStatusBar.v11.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\BKANT.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\core\locale\org-openide-filesystems_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365EduCloudEDUR_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSO.FRAMEPROTOCOLWIN32.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mscss7cm_en.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\ADO210.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-process-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\SystemX86\mfc140u.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\mozavcodec.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\te.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\GrantLock.vssx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-execution.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365EduCloudEDUR_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\CancelGlyph.16.White.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\LargeLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uk.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\INDUST\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsWideTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsen.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\win32\jni_md.h | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Glow Edge.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.PasswordManager.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPHandle.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\AppPackageWideTile.scale-100_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\ClientEventLogMessages.man | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Icon_Printer.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\MEIPreload\preloaded_data.pb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ARCTIC\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-utility-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\PlatformCapabilities\PowerPointCapabilities.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSBARCODE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\MSYH.TTC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\WATER\WATER.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\settle.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\5px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIntegration.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derby.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\.eclipseproduct | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square44x44Logo.targetsize-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SONORA\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProMSDNR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PersonaSpy\Office.Runtime.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows NT\Accessories\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\canvas.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\kk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\StoreSmallTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PROFILE\PROFILE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\181.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-file-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\COPYING.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-80_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription1-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceTigrinya.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp3-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\flat_officeFontsPreview.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d9_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources. 20a37ca.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.AnalysisServices.Common.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\161.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-cli.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PIXEL\PIXEL.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraWideTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jstatd.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.jasper.glassfish_2.2.2.v201205150955.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraChart.v8.1.Design.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\History.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL081.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\LargeLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\offreg.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fontconfig.properties.src | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\et\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\cs\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\PlaneCutKeepBoth.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.en-us.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\jfr.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Sort\AUTHOR.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.contrast-white_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\ProjectionPlanar.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-masterfs-nio2.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application-views.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\WINGDNG2.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\VVIEWDWG.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libsdl_image_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Deleted\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageWideTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdO365R_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdCO365R_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\id\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Cloud.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\unpack200.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmad_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraAppList.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderSplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\cy.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\unpack.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\README.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.PowerPivot.PowerPivot.x-none.msi.16.x-none.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Icon_Finish.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\ContemporaryPhotoAlbum.potx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ADAL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.fi-fi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\join.avi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\CameraIcon_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-string-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\word.x-none.msi.16.x-none.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CASCADE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Ratings\Yelp5.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProCO365R_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN081.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-threaddump.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp4-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\hu\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dts_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\ProtectionManagement.mfl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-loaders.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\lt\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\162.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\jfr\profile.jfc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\NavColumn_Black\Icon_Printer Settings.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLUECALM\BLUECALM.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubAppList.scale-125_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\WideLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial1-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial4-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\intf\modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\id\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\officestoragehost.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\doclib.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientVolumeLicense2019_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jli.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_LogoSmall.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mn.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Extensions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdirectory_demux_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Candara.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProCO365R_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\ENES\MSB1ENES.ITS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\SpreadsheetCompare_k_col.hxk | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraChart.v11.1.Design.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\StoreAppList.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Layout.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\WATERMAR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\en-us\oregres.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsdec_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest1-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.ProviderShared.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVScripting.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\FileSystemMetadata.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSO99LRES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\he.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-00E2-0000-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\WXPNSE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\FPLACE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\platform.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libnoseek_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\StoreLargeTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProCO365R_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-time-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\AppxMetadata\CodeIntegrity.cat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BREEZE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libhqdn3d_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\2.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp3-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ucrtbase.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-timezone-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\9.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MINSBPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Rounded Rectangle.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\zh-dayi.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msproof7.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\sand.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\tmtransactions_xl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\ARIALNBI.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOIDRES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-16_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdCO365R_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Redshift\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN026.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\dependentlibs.list | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mn\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial4-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageMedTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.zh-cn.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zG.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\1033\Bibliography\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\db2v0801.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\7px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProO365R_SubTest-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CONCRETE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription5-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\sbicudt58_64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\ShapeCollector.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdaremr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Unlock.White.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\AppxMetadata\CodeIntegrity.cat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\ja-jp-sym.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.identity_3.4.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.hr-hr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VC\msdia100.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jjs.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsesp.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado28.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-white\AppPackageSplashScreen.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\ieinstal.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTest-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessEntry2019R_PrepidBypass-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-synch-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\wovenmat.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-openide-execution.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office16\OSPP.VBS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\DATATRANSFORMERWRAPPER.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\EXP_XPS.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Resources\1033\msmdsrv.rll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\boot_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\1.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_ru.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\denim.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CANYON\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OFFSYMSB.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\vlc.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial1-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\ScanIcon_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipssrl.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.contrast-black_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\libmosaic_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\StoreLargeTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.sk-sk.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000050\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\JavaAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\System\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSHY7EN.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\install.log | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\DenyDismount.mpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.contrast-white_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsnld.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.service.exsd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\el.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.sv-se.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_f2\FA000000002 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\4px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_KMS_Automation-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\GOTHICB.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\5px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\177.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\hwrusash.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\bin\server\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\4px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\deployed\jdk15\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-16_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-util-lookup_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libinflate_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\SplitInitialize.vstx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\AppxMetadata\CodeIntegrity.cat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\klist.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\Library\SOLVER\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\tracedefinition130.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\CardViewIcon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\minidump-analyzer.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\office32mui.msi.16.en-us.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-process-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square44x44Logo.targetsize-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\ktab.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\twitch.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\sk-SK\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base_kor.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\basicelegant.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EXPEDITN\EXPEDITN.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-20_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\flavormap.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.contrast-white_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\BOOKOSI.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluTSFrame.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-core-execution.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessRuntimeR_PrepidBypass-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.contrast-white_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedSmallTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\Print.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\NavColumn_Black\Icon_Supports.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\jaccess.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\librv32_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\MapsSplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\183.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_winxp.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\proof.fr-fr.msi.16.fr-fr.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\Microsoft.Advertising\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_wedge.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\Attribution\kweather.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jp2ssv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\sybase.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Ratings\Yelp4.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Office.Interop.Excel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentVNextR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\powerpointmui.msi.16.en-us.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.ITS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\et-EE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\access-bridge-64.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-24_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusEDUR_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Trial2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\iheart-radio.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdO365R_SubTest-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\NETWORK\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\dnsns.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\msvcp110.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\HelpIcon_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubWideTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\otkloadr_x64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProCO365R_SubTest-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PPCORE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.winmd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.Data.Edm.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\etc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\NIRMALA.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\LICENSE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\help.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\WindowsAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\et\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OLKFSTUB.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\vccorlib140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\IpsMigrationPlugin.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdatl3.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\SmallLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libgl_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\NativeShim.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\micaut.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\msjet.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedAppList.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\DESIGNER\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_x64__8wekyb3d8bbwe\Assets\Fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf_3.4.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.SqlServer.Configuration.SString.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX45.exe.config | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ms\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\STUDIO\STUDIO.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macTSFrame.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-io_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-environment-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\msolui.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\gui\libskins2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\j2pkcs11.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\STSLIST.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\osmmui.msi.16.en-us.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosSmallTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvVirtualization.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-32.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\EQUATION\eqnedt32.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\CancelFluent.White.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SPRING\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInRefocus.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-conio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdasql.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Redshift\lib\sbicuuc53_64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\wab32res.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\el\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\CSS7DATA000A.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\atl110.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\SplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\heart_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-dialogs.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PersonaSpy\notice.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifestLoc.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\GRAPH.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Skins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Density_Selected_Hollow.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\w2k_lsa_auth.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\IEAWSDC.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial4-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Icon.targetsize-32.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.net.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\WATERMAR\WATERMAR.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\VSTO\10.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PPTICO.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\COMPASS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\locale\jfluid-server_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosWideTile.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hi.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\REFEDIT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\te\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\visualization\libgoom_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\AFTRNOON\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EVRGREEN\EVRGREEN.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hu.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\hu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessRuntimeR_PrepidBypass-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\GRAPH_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\CalibriL.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\StoreAppList.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\he-IL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup-impl.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\MS.DATABASECOMPARE.16.1033.hxn | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\82.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX40.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\index.win32.bundle.map | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\DatabaseCompare_col.hxc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\40.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\sa-jdi.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\images\cursors\win32_CopyNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Gill Sans MT.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sk.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\serialver.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\1033\MCABOUT.HTM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-utility-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\MapsLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019XC2RVL_KMS_ClientC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\OPTINPS.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libidummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\rmic.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\LEELAWDB.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Defender\Offline\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ar-sa.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentVNextR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EURO\MSOEURO.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\plugin-container.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jps.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProXC2RVL_MAKC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-core-synch-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\IRIS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\Microsoft.VisualStudio.Tools.Applications.Runtime.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender Advanced Threat Protection\SenseCncProxy.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\159.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOSVG.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RADIAL\RADIAL.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-locale-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-common.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jmx.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\en-US\msoeres.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.OAuth.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-api-progress.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sq.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.powerpointmui.msi.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\msvcp100.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jjs.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Framework\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\sysinfo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.contrast-black_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ro.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\COPYRIGHT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libextract_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\setNetworkClientCP.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProDemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-60_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\br\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\202.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\deployed\jdk16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageLargeTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription5-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Document Themes 16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\XLSLICER.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Dallas.OAuthClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\en-US.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\jvm.hprof.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msgr8fr.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\C2R64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\DESKTOP.INI | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\icudtl.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-private-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\CSS7DATA0009.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\FileIcons\FileLogoExtensions.targetsize-40.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sa.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\LibCurl64.DllA\libcurl64.dlla.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office15\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\LEVEL\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinGrid.v11.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PROTTPLV.DOC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Lightning bolt_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Configuration\configuration.sqlite | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\js\controllers.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msth8EN.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SKY\SKY.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSHY7ES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\RTC.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditRichCapture.contrast-high_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\PlaneCutKeepBottom.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macHandle.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\VERSION.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Yellow Orange.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ECHO\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\DashboardDefaultThumbnail.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\46.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-file-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\keytool.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\BloodPressureTracker.xltx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\4-Point Star_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert\insertbase.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Subscription2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Access2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Localytics.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\dummy.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedLargeTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\sunmscapi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\java_crw_demo.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\spu\libmarq_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraMedTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_~_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msvcp120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Double Wave.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\ext\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\DarkBlue.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-windows.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN001.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Core.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\osm.x-none.msi.16.x-none.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Builder3D.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppPackageSmallTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\VC\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\assets\assets\images\MSFT.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fonts\LucidaTypewriterBold.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-spi-quicksearch.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART15.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\EntityDataHandler.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\currency.data | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\pt\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_neutral_~_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RUI.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\ODBC\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\maintenanceservice.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\calendars.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-explorer_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\EXCEL_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART1.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\AccessCompare.rdlc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\jvmticmlr.h | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\word2013bw.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\GADUGIB.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libprefetch_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\javacpl.cpl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription5-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-black\WideTile.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ca\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\STUDIO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\msinfo32.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessRuntime2019R_PrepidBypass-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\ACEWSTR.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\Microsoft.Advertising\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ast.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-002C-0409-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Subtle Solids.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\oeimport.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-applemenu.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\CT_ROOTS.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.contrast-black_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\ko-kr.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_100_eeeeee_1x100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square44x44Logo.targetsize-256_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\LibCurl64.DllA\OpenSSL64.DllA\zlibwapi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentVNextR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinChart.v11.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\AppPackageBadgeLogo.scale-100_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.sat4j.pb_2.3.5.v201404071733.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-favorites.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libdmo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Multiply.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\XLINTL32.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\eula.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\no\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Internet Explorer\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\de\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial1-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\msvcr120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest5-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_file_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\setup_wm.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\zh-changjei.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSplashScreen.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest4-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019MSDNR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\7.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\zh-TW\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\MSB1CORE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\msolap.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\PNG32.FLT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\Attribution\weather_trends.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PPINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mscss7es.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.reportviewer.common.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\1033\PowerPivotExcelClientAddIn.rll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Web Server Extensions\16\BIN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\MicrosoftAdvertising.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\msjet.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\ACEINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\oregres.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Oval_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\SQLiteWrapper.winmd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\osmuxmui.msi.16.en-us.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\164.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_x64__8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\security\trusted.libraries | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\tr\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\Weather_TileWide.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedWideTile.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\hrtfs\dodeca_and_7channel_3DSL_HRTF.sofa | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmono_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalDemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-crt-multibyte-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ko.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\RepoMan.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_LogoSmall.targetsize-24_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\VBA6\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Icon.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\Attribution\foreca.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.OData.Core.NetFX35.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\d3dcompiler_47.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-16_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Internet Explorer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-001B-0409-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\wordmui.msi.16.en-us.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.DCF.DCF.x-none.msi.16.x-none.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\Classic.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSHY7FR.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\core\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ORGCHART.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\msasxpress.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\AppVDllSurrogate64.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-dialogs_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProO365R_SubTest-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC32.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libt140_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVClient.man | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\LAYERS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageBadgeLogo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProXC2RVL_KMS_ClientC2R-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_BadgeLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\c2rpridslicensefiles_auto.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.ScriptDom.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\System.Web.Mvc.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART2.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Contrast\BuilderLogo.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\bin\server\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Glossy.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Retail2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\MS.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vreg\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\firefox.exe.sig | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\master_preferences | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.contexts_1.3.100.v20140407-1019.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Defender Advanced Threat Protection\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libafile_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square44x44Logo.targetsize-256_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-environment-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\en-GB.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp6-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\AppxBundleManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusE5R_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019XC2RVL_KMS_ClientC2R-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ms\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.contrast-black_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msoev.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libdav1d_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubAppList.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-windows.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Modeler.UI.rll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-20_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.commons.codec_1.6.0.v201305230611.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Trial2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-30_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\rmiregistry.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\etc\visualvm.clusters | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProO365R_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-30.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\MSOUC_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\ja-JP\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ja.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalPipcR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\VISUALIZATIONCONTROL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SELFCERT.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-heap-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\SplashScreen.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423496937509.profile.gz | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\COIN.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinToolbars.v8.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\office.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\es-MX\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-0090-0000-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\fxplugins.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OSFROAMINGPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-applemenu.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Excel.ReportingServices.QueryDesigners.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Excel.ReportingServices.QueryDesigners.Extensions.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\vi\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\ru-RU\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\ffjcext.zip | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libdummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\tzdb.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jp2native.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\AppList.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\CenterView.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\GIFIMP32.FLT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN095.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Mso40UIwin32client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubSmallTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\PlaneCutKeepTop.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-core-localization-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\linkedin_logo.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Client.UI.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxbgt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\msvcp120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\Accessories\en-US\wordpad.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-20_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\osmdp32.msi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\UnlockOut.mpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL095.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_es.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019XC2RVL_MAKC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientVolumeLicense_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\shaded.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\IpsMigrationPlugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hr.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceDaYi.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\officeinventoryagentfallback.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\AugLoop\bundle.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Resources\1033\msmdsrvi.rll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\204.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Office Theme.thmx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\startNetworkServer | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_display_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Office Setup Controller\Office.en-us\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLENDS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\163.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_LogoSmall.targetsize-32_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\pop3.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\INDUST\INDUST.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sql70.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Web Server Extensions\16\BIN\1033\FPEXT.MSG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\org-openide-util-lookup.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019MSDNR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdXC2RVL_MAKC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBCTRAC.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL075.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\youtube.crx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer_3.2.200.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLUEPRNT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\StoreBadgeLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\he\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SPRING\SPRING.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MsMpResL.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jfxwebkit.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\msvcr120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.contrast-black_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\vcruntime140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\MusicStoreLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\sk-SK\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Grunge Texture.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdCO365R_SubTest-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditMoment.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\management\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_http_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-snaptracer.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ro\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\NL7MODELS000A.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SONORA\SONORA.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_mac.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\AdHocReportingExcelClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\misc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.emf.common_2.10.1.v20140901-1043.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\StoreAppList.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fonts\LucidaBrightRegular.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTrial2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\OfflineScannerShell.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square44x44Logo.targetsize-24.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\CopyConvertTo.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN108.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\GettingStarted16\SLINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\vimeo.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\9px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\baseAltGr_rtl.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\pkeyconfig-office-client15.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\ffjcext.zip | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedSplash.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial5-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\br.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\WideLogo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\46.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppPackageMedTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.DataIntegration.FuzzyMatchingCommon.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\EppManifest.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Violet II.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\JOURNAL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\SQLDumper.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\keystore\libmemory_keystore_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\va.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedback.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lv\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\intf\modules\httprequests.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\tools.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\NewComment.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\Movie-TVStoreLogo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_concat_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Riblet.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\hxds.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageSplashScreen.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\zh-CN\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\LICENSE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\zipfs.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado15.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\nashorn.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdaps.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\LanguageModel\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-uisupport.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\ClearResume.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VSTO\vstoee.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-windows_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL109.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\LISTS\BASMLA.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\my\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderAppList.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\QUERIES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-process-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVClientIsv.man | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\server\classes.jsa | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SUMIPNTG\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\LargeLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_Retail2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-72.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-heap-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\LargeLogo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Shell\Themes\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-256_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\mobile_equalizer.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\concrt140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\THIRDPARTYLICENSEREADME-JAVAFX.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-convert-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\198.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Send2Fluent.White.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Icon_Quality.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square44x44Logo.targetsize-24_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Retail2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\JPEGIM32.FLT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado26.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-core-synch-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\WideLogo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\fxplugins.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ru\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\wsdetect.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\dt_socket.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\REFINED\REFINED.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegaudio_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-black\LargeTile.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\AssetLibrary.ico | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsusf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Wisp.thmx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\SQLDumper.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libh26x_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\fontmanager.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.winmd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-runtime-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessR_SubTest-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Web Server Extensions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ru.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\UCRTBASE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\informix.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javaws.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EDGE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad\auxbase.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL092.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\lt\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProXC2RVL_KMS_ClientC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019MSDNR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\offsymb.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\correct.avi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\sunec.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hi\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\ImagingDevices.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraLargeTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\kinit.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInCinemagraph.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Redshift\lib\OpenSSL64.DllA\libeay32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\Presentation Designs\Maple.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-core-localization-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000006\FA000000006 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLUECALM\BLUECALM.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\skins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_TileWide.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.sl-si.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsnor.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProCO365R_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BOLDSTRI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\paperboat.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado27.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\AdeModule.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-filesystems.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProCO365R_SubTest-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-impl.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Practices.Unity.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mip_clienttelemetry.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-charts.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\ANTQUAB.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\SplashScreen.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Trial2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.contrast-black_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fontconfig.properties.src | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\1033\STINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.base.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages_es.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\javaws.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\msolap_xl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\ReadFormat.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\updater.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libdcp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\MusicStoreLogo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Templates\Presentation Designs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\vi\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Grouping.Base.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square310x150Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\DataStreamerLibrary.dll.config | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\EXCEL_COL.HXT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\OsfInstallerConfig.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hy.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-io.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\images\cursors\win32_MoveDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSO99LRES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\FREN\WT61FR.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInRefocus.contrast-high_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\about.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_x64__8wekyb3d8bbwe\Assets\Images\Tiles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\GostTitle.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-conio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\hijrah-config-umalqura.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Green.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Interceptor.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.contrast-black_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN011.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSSP7FR.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft.NET\ADOMD.NET\130\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsvorepository_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\adovbs.inc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.util_1.0.500.v20130404-1337.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-threaddump.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\zh-phonetic.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\ARROW.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\as90.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsSplashScreen.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\resources.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-progress-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_cylinder.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-math-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\client-issuance-stil.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\sqlpdw.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libaom_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_10_p010_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\th.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Peacock.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\AppxBundleManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Gallery.thmx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Calibri Light-Constantia.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libaribsub_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libqsv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Ratings\Yelp2.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\net.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppPackageLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\StoreWideTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\EmbossText.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppPackageAppList.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.Excel.Excel.x-none.msi.16.x-none.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\BCSRuntimeRes.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Spatial.NetFX35.V7.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProCO365R_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.contrast-white_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\Common.ExcelServices.Resources.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\softokn3.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditMoment.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\152.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadrh15.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_zh_TW.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PREVIEWTEMPLATE.POTX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SKY\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\ant-javafx.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEODBC.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEOLEDB.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsWideTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\oskmenubase.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-core-windows.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\165.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Median.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mp4_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\3082\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\zh-TW\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EDGE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\MSB1CACH.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\Interceptor.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Contrast\contrast-white\BuilderLogo.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\AppPackageSmallTile.scale-100_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\nl-NL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-runtime-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\codec\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\AppxMetadata\CodeIntegrity.cat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ps.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwasapi_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_LogoSmall.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mce.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\LICENSE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_O16EnterpriseVL_Bypass30-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OFFSYML.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmod_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\Default.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdO365R_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\demux\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\ThirdPartyNotices.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javah.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-appui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-lib-profiler.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-00E2-0409-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Data.SapClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\fr\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\osfFPA\addins.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pa-in.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\pl-PL\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\RemoveStart.rmi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\desktop\en-GB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sa.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libdtv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\SubsystemController.man | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ECLIPSE\ECLIPSE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\concrt140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\StoreWideTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\nl\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_transcode_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\LargeLogo.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\DebugInstall.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail3-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-io.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jpeg.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL110.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\WWLIB.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\nb.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\about.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN075.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\GOTHICI.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\50.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\README.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ky.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fonts\LucidaBrightDemiBold.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubSmallTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.OleDbInterop.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\No Symbol.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\configuration\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\youtube.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\PlaneCut.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\hprof.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\keychain.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_TileSmallSquare.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019VL_KMS_Client_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\EmbossText.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\Bibliography\BIBFORM.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\offsymxb.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\LargeLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\adal.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RIPPLE\RIPPLE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\System\msadc\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\dtplugin\deployJava1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\VISUALIZATIONGRAPHICS.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\salesforce.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN089.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\delete.avi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-time-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremDemoR_BypassTrial365-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-core-timezone-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Lightning bolt.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-nodes.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\pingsender.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\27.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\Offline\EppManifest.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraWideTile.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\PlaneCutKeepBottom.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql_2.0.100.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\vcruntime140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.data\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerLargeTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\artifacts.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\vcruntime140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\no\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\uk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgrain_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsAppList.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\PlaneCut.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\wxpr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\CAMERA.WAV | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\EssentialReport.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppPackageWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedbck2.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libnfs_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Photo Viewer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\MapsStoreLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppPackageStoreLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ICE\ICE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinTree.v8.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\wmpconfig.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages_zh_TW.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.officemui.msi.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.OData.Core.NetFX35.V7.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\MTEXTRA.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\amd64\jvm.cfg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.docs.zh_CN_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremDemoR_BypassTrial365-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\index.win32.bundle.map | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-conio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\LAYERS\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\conticon.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_TileLargeSquare.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\256x256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libglwin32_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInCinemagraph.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\SplashScreen.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\Scale.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\sunjce_provider.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\security\java.policy | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square44x44Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\Print.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial1-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\JitV.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_LogoSmall.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-20_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\mlib_image.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_duplicate_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL022.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\NL7MODELS000C.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-24_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jp2native.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\cursors\invalid32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalPipcR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Excel.DataWarehouse.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Resources\1033\msmdsrvi.rll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VSTO\vstoee90.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EXPEDITN\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiling.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\OpenSSL64.DllA\libcrypto-1_1-x64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSPTLS.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SKY\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Csi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEODDBS.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msix.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\gui\libqt_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-runtime-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdCO365R_SubTest-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OFFSYMK.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Wordcnv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\elevation_service.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\IMCONTACT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-conio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\video_splitter\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019XC2RVL_KMS_ClientC2R-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\msoshext.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\PlaneCut.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\es-419.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\VBA7.1\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\boxed-delete.avi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.actionProvider.exsd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jfxmedia.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\DWTRIG20.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Office Setup Controller\Office.en-us\BRANDING.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadce.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-execution.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\GKWord.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN002.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\el\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-math-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ko.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceAmharic.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019DemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\MSBuild\Microsoft\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\MICROSOFT.DATA.RECOMMENDATION.CLIENT.CORE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\logger\libconsole_logger_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-60_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\org-netbeans-modules-profiler_visualvm.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\TabIpsps.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\he\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\ja-jp.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-006E-0409-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\client-issuance-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderLargeTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\kor-kor.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\FormatClear.rar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ARCTIC\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hy\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp5-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.contrast-white_scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nb.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\hu-HU\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mip_core.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square44x44Logo.targetsize-48_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Density_Light.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalPipcR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019MSDNR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\10.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOIDCLIL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\wa\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\text_renderer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdCO365R_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ClientOSub_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.RSA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\WebView2Loader.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial4-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\buttons.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_TileLargeSquare.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.nb-no.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VC\msdia90.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ODATACPP.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\mfc140u.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Media Renderer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Density_Hard.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.lucene.core_3.5.0.v20120725-1805.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-io.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EURO\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\linessimple.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.contrast-black_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL118.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-process-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado25.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\management\jmxremote.access | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_x64__8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosLargeTile.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\msmgdsrv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubMedTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\w2k_lsa_auth.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Common\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jdwp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubWideTile.scale-200_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVCatalog.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\dblook | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTrial2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\GARA.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_cs.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-text_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\wab.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraWideTile.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvApi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-00E1-0000-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessPipcR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\proof.en-us.msi.16.en-us.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Images\Ratings\Yelp8.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jdb.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\12.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSmallTile.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-60.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\fa\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.concurrent_1.1.0.v20130327-1442.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-awt_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\AugLoop\third-party-notices.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Shared Gadgets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MsMpEng.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\el-GR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding_1.4.2.v20140729-1044.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\BSSYM7.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\text_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.2.24002.0_neutral_~_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\he-IL\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\assets\assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019DemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_f4\FA000000005 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\ANTQUAI.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\images\cursors\win32_MoveNoDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessR_SubTest-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProCO365R_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000049\StoreLogo.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-compat_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.OData.Edm.NetFX35.V7.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\trdtv2r41.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\ole db\xmlrwbin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\default.vlt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-heapwalker.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\proof.es-es.msi.16.es-es.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdXC2RVL_MAKC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderAppList.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-explorer.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\msql.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\linkedin_ghost_company.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SONORA\SONORA.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ts_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\ea-sym.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\javaws.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\DEEPBLUE\DEEPBLUE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Franklin Gothic.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\excelmui.msi.16.en-us.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\net.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\NavColumn_Black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_TileSmallSquare.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-string-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\LICENSE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-40_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_PrepidBypass-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\ENFR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial4-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalDemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\rockbox_fm_presets.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\setEmbeddedCP | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\locale\jfluid-server_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\koreus.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Inquire.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\cgg\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\Ungroup.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\security\US_export_policy.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PPSLAX.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\ProjectionSpheric.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppPackageLargeTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CANYON\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinStatusBar.v8.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\packetizer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\visualization\libvisual_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\ResetCoord.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\XLCALL32.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\QuizShow.potx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\orcl7.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\traintrackleftturn.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessEntry2019R_PrepidBypass-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\osm.x-none.msi.16.x-none.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\GOTHICBI.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\xjc.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\psfontj2d.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\WMPNSSUI.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosMedTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-16_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\WATER\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\STSUCRES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\cmm\CIEXYZ.pf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\video_filter\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL108.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Weather_TileMediumSquare.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsid.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\NavColumn_Black\Icon_Layout.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\PersonalMonthlyBudget.xltx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BREEZE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\EmptyReport.rdlc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\MSOUC.HXS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSGR8ES.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\RedAndBlackReport.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Licenses\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fonts\LucidaTypewriterRegular.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdCO365R_SubTest-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019VL_KMS_Client_AE-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\SplashScreen.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\pt-PT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\InkObj.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\IFDPINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSGR8EN.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\nslist.hxl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubSmallTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\AppxBundleManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.continuation_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription1-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\GRLEX.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\officeappguardwin32.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019XC2RVL_MAKC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\BOOKOS.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_cycle_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\cardview-flag-dark.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL115.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Updates\Apply\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\LargeLogo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Cloud_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\Movie-TVStoreLogo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019MSDNR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\meta\reader\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OFFSYMXB.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-multibyte-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Security\BrowserCore\BrowserCore.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\No Symbol_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-white\AppPackageMedTile.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription3-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteFreeR_Bypass-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\brx\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\NisSrv.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\AppList.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-charts.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-0090-0409-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\EmbossText.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\basicstylish.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Heartbeat\HeartbeatCache.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\uk\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libntservice_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-text.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\security\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalPipcR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\MSVCR110.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockMedTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\ISO690.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\GFX.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\COMPASS\COMPASS.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubBadgeLogo.scale-200_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalPipcR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStd2019R_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderSplashScreen.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\omni.ja | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\LEVEL\LEVEL.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\AppPackageLargeTile.scale-100_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\contbig.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\MSOSEC.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-api-annotations-common.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdO365R_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PROTTPLN.XLS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ach\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription1-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MUOPTIN.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubSplashScreen.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\LibCurl64.DllA\OpenSSL64.DllA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\AugLoop\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows NT\TableTextService\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\linkedin_ghost_profile_large.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogo.scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_TileSmallSquare.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\FileIcons\FileLogoExtensions.targetsize-24.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.MashupEngine.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN110.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\AppPackageSmallTile.scale-100_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTrial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusDemoR_BypassTrial365-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Office.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\pt-BR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\zh-TW\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\EXCEL.HXS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\powerview.x-none.msi.16.x-none.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\linesdistinctive.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_f7\FA000000007 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerConstraints.exsd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ca.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\VBA6\VBE6EXT.OLB | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\6px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000009\FA000000009 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-stdio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\view.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.OSM.OSM.x-none.msi.16.x-none.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSQRY32.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\HintBarEllipses.16.White.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\FPERSON.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\co\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\NavColumn_Black\Icon_Quality.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\management-agent.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticattribute.exsd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\TellMePowerPoint.nrr | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\ucrtbase.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosLargeTile.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20140827-1444.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN054.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\an\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-synch-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\sl\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\iheart-radio.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProXC2RVL_MAKC2R-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_pt_BR.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\jawt.h | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.lock | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\dcpr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN092.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\Fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.text.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-snaptracer.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdXC2RVL_KMS_ClientC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\README.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-explorer_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\bg\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\catalog.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\ExcelMessageDismissal.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProfessionalR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN096.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActionExceptionHandlers.exsd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\DEEPBLUE\DEEPBLUE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\security\blacklisted.certs | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\Sybase.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchMedTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.net.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ECLIPSE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OIMG.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_LogoSmall.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\REFINED\REFINED.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-20.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-core-ui.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\ij.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\splashscreen.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\mozavutil.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\mozglue.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderSmallTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\content-types.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000009\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\AmStatusInstall.mof | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\UnblockConvert.rtf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\MS.SPREADSHEETCOMPARE.16.1033.hxn | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-core-multiview.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\id.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\meta\reader\filename.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial5-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardMSDNR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VSTO\vstoee100.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\modules\common.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\Density_Solid.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedMedTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-loaders.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\pkeyconfig-office.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365EduCloudEDUR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\lib\management\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\client_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\bwnumbered.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Web Server Extensions\16\BIN\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-string-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msador15.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\win32\bridge\AccessBridgePackages.h | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\msasxpress.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\zh_CN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp5-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\af\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\DatabaseCompare_k_col.hxk | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\mpvis.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\1px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019XC2RVL_KMS_ClientC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART5.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javapackager.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\WideLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\DeselectAll.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-execution_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\glass.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\VBA7.1\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\deploy.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Data.Recommendation.Client.Core.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Resources\RequiredPrintCapabilities.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MsMpCom.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EVRGREEN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\localedata.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OSFPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ECHO\ECHO.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Workflow\NavColumn_Black\Icon_Advanced Layout.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base_altgr.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fonts\LucidaSansRegular.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\images\cursors\win32_LinkDrop32x32.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\TelemetryDashboard.xltx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\oc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Professional2019DemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\Interceptor.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-black\SplashScreen.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zCon.sfx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\MS.WPG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ChakraCore.Debugger.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Office.Interop.Excel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinGrid.v8.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hr.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_OEM_Perp5-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Controls\EndOfLife\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-40_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\io.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\javaw.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\linkedin_logo_large.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OCSCLIENTWIN32.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm_cmd.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.de-de.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProCO365R_SubTest-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libvcd_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\MapsStoreLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-api-annotations-common.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.XLHost.Modeler.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Trial2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\NETWORK\NETWORK.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\d3d9\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libreal_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_fr.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.office32ww.msi.16.x-none.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp4-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusE5R_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\VISUALIZATIONCHARTCOMMON.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\DBGCORE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\GKExcel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsrom.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-black\SplashScreen.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ro\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblendbench_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosAppList.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\officemui.msi.16.en-us.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libtdummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.contrast-white_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\centered.dotx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ExcelTellMeOnnxModel.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\5694B7BF-F90B-4679-9705-6AD758B21BEB\root\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\jce.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Arial Black-Arial.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Extreme Shadow.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nb\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsar.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\lt.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\pt\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\deploy\messages_zh_CN.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.intro_3.4.200.v20130326-1254.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\is\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\rtscom.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-options-api.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\LyncVDI_Eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-core-synch-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\boxed-split.avi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.proofing.msi.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-api-progress.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\lpc.win32.bundle | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\PICTIM32.FLT | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\ConfigSecurityPolicy.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhds_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\Weather_BadgeLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fonts\LucidaBrightItalic.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\proof.es-es.msi.16.es-es.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\excelcnv.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.Data.ConnectionUI.Dialog.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\SplashScreen.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.inject_1.0.0.v20091030.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-text.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-utilities.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.PowerPoint.PowerPoint.x-none.msi.16.x-none.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\traintrackstraight.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\send-email-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\hwrenclm.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL044.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\ResumeConvert.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Mail\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\calendars.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest5-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ADALPREVIOUS.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SkypeSrv\SKYPESERVER.TLB | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppPackageBadgeLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_PrepidBypass-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\visualization\libglspectrum_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditRichCapture.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\modules\dkjson.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInCinemagraph.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\resource.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEEXCH.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\STUDIO\STUDIO.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpEvMsg.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\rcypaper.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\locale\updater_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\ARIALNB.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosMedTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nl.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\EXCELPLUGINCORE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\NEWS.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\WMPMediaSharing.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square310x310Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.winmd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.lv-lv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ef8c08_256x240.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\file_obj.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\5694B7BF-F90B-4679-9705-6AD758B21BEB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogoSmall.contrast-white_scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\index.win32.bundle | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\jfxswt.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Integral.thmx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\ONNXRuntime-0.5.X.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\AccessMessageDismissal.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\splashscreen.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial5-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-core-xstate-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\librotate_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-3101-0000-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-api-annotations-common.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-process-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-string-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\setNetworkClientCP | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\javafx_font.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\msvcp120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\StoreBadgeLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\sr-Latn-RS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CASCADE\CASCADE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.DatabaseCore.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOHEV.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\gimap.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\System.Spatial.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\GR8GALRY.GRA | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\officeinventoryagentlogon.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Orange Circles.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_pwa_launcher.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\AppList.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\desktop\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\powerpivot.x-none.msi.16.x-none.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\MSO.ACL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProO365R_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\rjmx.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\fontmanager.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp6-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\INDUST\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\comments.win32.tpn | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\MS.WINWORD.16.1033.hxn | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessR_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp4-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365EduCloudEDUR_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\msoetwres.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.common_3.6.200.v20130402-1505.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CASCADE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\TellMeWord.nrr | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\GARABD.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square310x310Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProMSDNR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOHEV.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MSASCuiL.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\java.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PersonalR_Trial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\1033\BHOINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderSmallTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\security\local_policy.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jawt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msth8FR.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\ir.idl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\Microsoft.Office.Tools.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\msolui.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019DemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\mojo_core.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\FDATE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppPackageSplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProDemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PersonaSpy\PersonaSpy.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Send2.16.GrayF.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Filters\msgfilt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SATIN\SATIN.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp6-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiling.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\office.x-none.msi.16.x-none.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.webapp_3.6.300.v20140407-1855.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdVL_MAK-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\ProjectionPlanar.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-fallback.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-heapdump.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\Microsoft.ReportingServices.Interfaces.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\Catalog.json | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\cork.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\FM20.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\Client2019_eula.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\SpreadsheetCompare.HxS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Microsoft.AnalysisServices.AzureClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Sun_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.he-il.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\EXPTOOWS.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EVRGREEN\EVRGREEN.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\IRIS\IRIS.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MpCmdRun.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019MSDNR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\SplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RMNSQUE\RMNSQUE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\sr-Latn-RS\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MINSBROAMINGPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\LoadIcon_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_66\bin\plugin2\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdCO365R_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcroppadd_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\th.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jsoundds.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ca\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Icon.targetsize-256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ORGCHART.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL105.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\office32ww.msi.16.x-none.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\css\main.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsfsstorage_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square44x44Logo.targetsize-256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\uk.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProMSDNR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\OpenClose.vsx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\EXCEL_COL.HXC | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pt_PT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msvcr120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderSplashScreen.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\traintrackconnector.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\Spacer\7px.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.chm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.nl-nl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_imem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EXPEDITN\EXPEDITN.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-multitabs.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_SubTest-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatialaudio_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\MapsWideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pl.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\AppPackageMedTile.scale-100_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-36.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\cmm\GRAY.pf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\cardview-moreimages.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-sampler.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-sendopts.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelVL_KMS_Client-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\es\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SATIN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\be.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\OFFICE16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\4.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-options.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\Microsoft.Advertising\bootstrap.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\adojavas.inc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\AppVDllSurrogate32.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_TileSmallSquare.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.console_1.1.0.v20140131-1639.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Constantia-Franklin Gothic Book.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\react-native-win32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000049\index.win32.bundle.map | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Templates\1033\ExpenseReport.xltx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription3-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL089.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Unlock.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Multiply_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdCO365R_SubTrial-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\wmpnssci.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\VBA\VBA7.1\1033\VBEUIINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\orb.idl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SAEXT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CANYON\CANYON.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\VoiceRecorderWideTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core_0.10.100.v20140424-2042.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\jamendo.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\control\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\JAWTAccessBridge-64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-execution_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-multiview.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\NAME.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-locale-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsSplashScreen.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\symbase.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\traintracksplit.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\StoreBadgeLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.fr-fr.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Resources\cursorXBOX_normal.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_TileWide.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\loc\AppXManifestLoc.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\34.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\mobile\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Calibri-Cambria.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-white\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\AppxManifest.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\lt-LT\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mscss7wre_en.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\EXCEL_F_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\ANTQUABI.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\ProtectionManagement.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-16_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\AccessR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019DemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msvcp120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\jdwpTransport.h | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogoSmall.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-actions.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.da-dk.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\policytool.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\AppxMetadata\CodeIntegrity.cat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PowerPointNaiveBayesCommandRanker.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-stdio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubBadgeLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\DisableLock.iso | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\sunjce_provider.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019MSDNR_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\VBA7.1\1033\VBENDF98.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointVL_KMS_Client-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\DocumentFormat.OpenXml.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\cardview-flag.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fonts\LucidaTypewriterRegular.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365BusinessR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.XmlSerializers.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\msgr8en.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\cardview-checkmark.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\VCRUNTIME140_APP.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\msmgdsrv_xl.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libpva_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\1.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\MicrosoftDataStreamerforExcel.dll.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentVNextR_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-24_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\wab32.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\ucrtbase.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Defender\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PROOF\MSHY7FR.LEX | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\Attribution\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\153.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknumpad\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\BORDERS\MSART10.BDR | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365EduCloudEDUR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\ExtExport.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-views.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\nl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ONNXRuntime-0.5.X.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\PlaneCutKeepBoth.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_Trial2-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\SETLANG.HXS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft.NET\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\NAMEEXT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt_1.1.1.v20140903-0821.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointVL_KMS_Client-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\WEBSANDBOX.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\powerpointmui.msi.16.en-us.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fur.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\artifacts.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\mfc140u.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ar.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-core.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libtcp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-black\MedTile.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Retail2-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libflaschen_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\mip.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedMedTile.scale-200_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\CalibriLI.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CASCADE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\BackupProtect.svg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdXC2RVL_KMS_ClientC2R-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Configuration\config.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\Ungroup.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.attributeTransformation.exsd | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeServiceBypassR_PrepidBypass-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSOCR.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PAPYRUS\PAPYRUS.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\booklist.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkHandle.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado20.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Resources\1033\msmdsrv.rll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-api-visual.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLENDS\BLENDS.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessPipcR_OEM_Perp-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher_1.1.0.v20131211-1531.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator_1.1.0.v20131217-1203.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProCO365R_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\readme.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadox.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\loc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipschs.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\wsdetect.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_livehttp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libfingerprinter_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sk.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription4-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\MSASCui.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\cursors\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.Excel.Amo.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\vlm_export.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsSmallTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OSFROAMINGPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_partstyle.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-util.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\javaws.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\gmail.crx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\java-rmi.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\osmia64.msi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\favicon.ico | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libnormvol_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\topnav.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\prism_d3d.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PPRESOURCES.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ba.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\EntityPicker.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\TellMeRuntime.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_standard_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\win32\bridge\AccessBridgeCalls.c | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019DemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN022.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ia\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\DeselectAll.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-conio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusEDUR_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libftp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\AppVLP.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Garden.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\PROOF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado60.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jaas_nt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubSplashScreen.scale-200_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\jsse.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\microsoft.system.package.metadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\glib-lite.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libyuv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\Object.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libgain_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\PlaneCutKeepBottom.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\win32\bridge\AccessBridgeCalls.h | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\accessibility.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Square44x44Logo.targetsize-256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square44x44Logo.targetsize-16_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\31.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\MS.POWERPNT.16.1033.hxn | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\instrument.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fonts\LucidaBrightDemiItalic.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PROFILE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSO.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\StopwatchLargeTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\Source Engine\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\hwrcommonlm.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL012.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_dummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoCanary.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019DemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AlarmsAppList.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioPro2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ks_IN\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Mso50win32client.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\SpreadsheetCompare_col.hxc | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\TableTextService\TableTextServiceYi.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_x64__8wekyb3d8bbwe\Assets\Images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\TrebuchetMs.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_O16ConsumerPerp_Bypass30-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\OpenSSL64.DllA\libssl-1_1-x64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libvpx_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubLargeTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-execution.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-lib-uihandler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\msvcr120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerWideTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-black\Icon.targetsize-32.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\FileIcons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\javacpl.cpl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\Documentation.url | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\contrast-white\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\154.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-swing-tabcontrol.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\REFINED\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\as80.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcolorthres_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosLargeTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WorldClockLargeTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000042\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\REFSAN.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxSignature.p7x | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-white\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\39.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.zh-tw.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\fre\StartMenu_Win8.mp4 | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libadummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\contrast-black\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\Microsoft.Advertising\bootstrap.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\Milk Glass.eftx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-math-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\de\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OFFRHD.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-20_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\toc.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.workbench_3.106.1.v20140827-1737.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Arial-Times New Roman.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraWideTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL097.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp4-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\PROTTPLV.XLS | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ICE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sr-spc.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\redshift.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdXC2RVL_MAKC2R-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\190.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\AppPackageMedTile.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-GB\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\CopySet.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\DUBAI-MEDIUM.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\es.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Checkmark.White.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libpanoramix_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\dblook.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.SqlServer.Configuration.SString.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\AppPackageStoreLogo.scale-125_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\InkDiv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.osmuxmui.msi.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.Proof.Culture.msi.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.contrast-white_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\contrast-black\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Content\surfaceHub\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\it.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BOLDSTRI\BOLDSTRI.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nss3.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\TextureBitmaps\newsprnt.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.commands_0.10.2.v20140424-2344.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN121.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\eclipse.inf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Cartridges\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libchorus_flanger_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInCinemagraph.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\cmm\LINEAR_RGB.pf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusDemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\WINWORD_K_COL.HXK | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OFFSYMXL.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\crashreporter.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSplashScreen.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\MANIFEST.MF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\logger\libfile_logger_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ml.pak | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\osm.x-none.msi.16.x-none.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-processthreads-l1-1-1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libts_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\rmiregistry.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\mfc140enu.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLENDS\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ckb\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jsound.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\Media Renderer\connectionmanager_dmr.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\tzmappings | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_Trial-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\SmallLogo.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.hi-in.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows NT\Accessories\WordpadFilter.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdVL_MAK-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Configuration\card_expiration_terms_dict.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\vlc16x16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubMedTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\kinit.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-16_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\wordvisi.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\client-issuance-root-bridge-test.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.Data.Odata.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Resources\1033\msmdsrvi_xl.rll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-96_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\Office16\OSPP.HTM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSSOAP30.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\splash.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\EXPSRV.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-black\WideTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdarem.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\WPFEXTENSIONS.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubBadgeLogo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Office\PlaneCutKeepTop.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javaw.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Web Server Extensions\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-snaptracer.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.reportviewer.winforms.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\plugins\spu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\LEVEL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019DemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\tet\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\wsgen.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\pack200.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\contrast-white\AppList.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\REFINED\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-black\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_O16ConsumerPerp_Bypass30-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\epl-v10.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-openide-options.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\unpack200.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraAppList.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageMedTile.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ExcelVL_MAK-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\en-US\MsMpRes.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\nbexec64.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\INTLDATE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-stdio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ru-ru.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdfmap.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RICEPAPR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\Weather_TileMediumSquare.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\msvcr120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Arrow.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-60_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusEDUR_Subscription-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Storage.XmlSerializers.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogo.contrast-black_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\office32ww.msi.16.x-none.boot.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\browser\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-process-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlusR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019VL_MAK_AE-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000049\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PersonaSpy\PersonaSpy.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-core.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jmx.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\1033\DSMESSAGES.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradient_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VGX\VGX.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-white\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-applemenu.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019VL_MAK_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Excel2019VL_MAK_AE-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.scale-180.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSVCP140_APP.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\msjet.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\GamesXboxHubLargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.io_8.1.14.v20131031.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square44x44Logo.targetsize-256.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\mlib_image.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Client.Models.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Edit.White.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Media Player\Network Sharing\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Donut.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\jjs.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial5-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\Catalog\shape_pyramid.3mf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\license.html | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\MondoR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mscss7wre_es.dub | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\196.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\images\cursors\cursors.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\ORGCINTL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubSmallTile.scale-200_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\Microsoft.Advertising\ormma.js | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\Stationery\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.Data.ConnectionUI.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosSmallTile.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PowerPointCombinedFloatieModel.bin | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\firefox.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ECLIPSE\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\msolap.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\PhotoBase.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\AppxBlockMap.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\210x173\10.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jstack.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\VBA\VBA7.1\1033\VBLR6.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-templates.xml_hidden | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\LTR\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jar.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-attach.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\VBA\VBA7.1\VBE7.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\video_output\libwinhibit_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\FOLDER.ICO | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\libGLESv2.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Portable Devices\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\de.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-windows.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\JOURNAL\JOURNAL.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\SmallLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fonts\LucidaTypewriterBold.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office15\pidgenx.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProCO365R_SubTest-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\pt_BR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdXC2RVL_KMS_ClientC2R-ul.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\server\Xusage.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Bibliography\Author2String.XSL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Resources\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Security\BrowserCore\en-US\BrowserCore.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019R_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Reference Assemblies\Microsoft\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\lij.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\security\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiling.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GamesXboxHubAppList.scale-200_contrast-high.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jinfo.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\server\Xusage.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_SplashScreen.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-24_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\fre\StartMenu_Win7_RTL.wmv | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\contrast-white\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\contrast-white\Square150x150Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Bears.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\HeroHelp\Scenario2.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\SAMPLES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libhttp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerWideTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-20_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvmstat.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial1-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-32_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentR_Grace-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraSmallTile.contrast-black_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeServiceBypassR_PrepidBypass-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\npt.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fonts\LucidaSansDemiBold.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\OWSSUPP.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL026.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGMN086.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Office Setup Controller\Office.en-us\PSS10O.CHM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft.NET\ADOMD.NET\130\Microsoft.AnalysisServices.AdomdClient.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\HeroHelp\Scenario3RTL.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.ja_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-lib-uihandler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_x64__8wekyb3d8bbwe\_Resources\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Mail\wabimp.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\Movie-TVStoreLogo.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.servlet_3.0.0.v201112011016.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SEQCHK10.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\offsymt.ttf | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-api-caching.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_SubTrial1-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\msvcr120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\bg\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\BooleanIntersect.scale-140.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\cardview-warning.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libstl_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\LiveTile\Icons_Icon_Wind_sm.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-96.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TEXTCONV\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\updater.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL119.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\LISTS\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Media Player\en-US\mpvis.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.text.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProO365R_SubTest-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PublisherR_Retail-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\WordR_OEM_Perp-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\locale\mr\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Defender\Offline\MsMpLics.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditMoment.contrast-high_scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\Weather_TileWide.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-00E1-0409-1000-0000000FF1CE.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Orange Red.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\SkypeSrv\MSO20SKYPEWIN32.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\api-ms-win-core-processthreads-l1-1-1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\LargeTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\166.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_OEM_Perp-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-heap-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\SpreadsheetIQ.Diagram.Resources.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessR_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderSmallTile.contrast-white_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\9.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ro-RO\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL083.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ACEODTXT.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BOLDSTRI\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\LEVEL\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_bridge_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\core\locale\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-uihandler.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_Retail-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\pl\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Cultures\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\misc\libvod_rtsp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.Word.Word.x-none.msi.16.x-none.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\OFFICE.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosWideTile.contrast-black_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\SmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423496926306.profile.gz | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000008\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Icon.targetsize-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessEntryR_PrepidBypass-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\BLUEPRNT\BLUEPRNT.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteFreeR_Bypass-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProVL_MAK-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\en-GB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioProR_Grace-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Client\C2R64.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Shared.v11.1.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Hand Prints.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\VideoLAN\VLC\lua\http\js\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconEditRichCapture.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\plugin2\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Data.OData.Query.NetFX35.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MINSBPROXY.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RMNSQUE\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosSmallTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\Assets\contrast-white\Logo.scale-125_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\preface.htm | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\Lumia.ViewerPlugin\Assets\IconOpenInCinemagraph.contrast-high_scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Resources\TopicPage\Images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\DatabaseCompare_f_col.hxk | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019VL_MAK_AE-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\ms\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019MSDNR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProDemoR_BypassTrial180-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\C2RManifest.osmmui.msi.16.en-us.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Client.Initialization.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\MediumBlue.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadcor.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\security\US_export_policy.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\MOFL.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\Assets\AppTiles\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-openide-dialogs.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\dt_shmem.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Slice.thmx | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019R_OEM_Perp3-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MSIPC\et\msipc.dll.mui | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Tec.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\dcfmui.msi.16.en-us.vreg.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sv.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423496939244.profile.gz | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\1.jpg | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-keyring-impl.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\rsod\officemuiset.msi.16.en-us.tree.dat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\mshwLatin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\Library\Analysis\FUNCRES.XLAM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL011.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SpreadsheetIQ.ExcelAddIn.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Tw Cen MT.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.contrast-white_scale-80.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL010.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\STSLISTI.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1036\MSO.ACL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Standard2019R_Retail-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-black\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\security\javaws.policy | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libstereo_widen_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-30_altform-unplated_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.cs-cz.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-core-kit.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-spi-actions.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\SpreadsheetIQ.ExcelServices.Resources.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderAppList.contrast-black_scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\EmbossBitmaps\Triangle_icon.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square310x150Logo.scale-100.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeStudentVNextR_Retail-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.OleDbProvider.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\VVIEWER.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\LISTS\1033\DATES.XML | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_Subscription2-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\StandardR_Trial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp4-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProO365R_Subscription-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Portable Devices\sqmapi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-256_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\setNetworkServerCP.bat | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_ja.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\HintBarEllipses.16.GrayF.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\EVRGREEN\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_output\libamem_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Windows Multimedia Platform\sqmapi.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jdeps.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\diagnostic-command-16.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Integration\SPPRedist.msi | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe.manifest | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\STRTEDGE\STRTEDGE.INF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libadpcm_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\StreamServer.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Windows Defender Advanced Threat Protection\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface_3.10.1.v20140813-1009.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\de-DE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20131217-1203.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\CAPSULES\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\xmsrv.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_realrtsp_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-utility-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadomd28.tlb | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\INDUST\THMBNAIL.PNG | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-48.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\Fonts\private\DUBAI-BOLD.TTF | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\LAYERS\LAYERS.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageBadgeLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsrus.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected] | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdO365R_SubTrial-ppd.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\VisioStdO365R_Subscription-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\1033\XLLEX.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Data.Edm.NetFX35.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\OpenSSL64.DllA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\ECLIPSE\ECLIPSE.ELM | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\msvcp120.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\lib\deploy\messages.properties | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProR_OEM_Perp-ul-phn.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\Microsoft.Office.Excel.DataModel.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\d3d11\libdirect3d11_filters_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019VL_KMS_Client_AE-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\ProjectProDemoR_BypassTrial180-ul-oob.xrm-ms | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Marquee.xml | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOPRIV.DLL | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sqlpdw.xsl | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\InkObj.dll | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar | C:\Users\Admin\AppData\Local\Temp\3259625056.exe | N/A |
Modifies Control Panel
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\Desktop | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\Desktop\TranscodedImageCount = "1" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\Desktop\LastUpdated = "4294967295" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\Colors | C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\Colors | C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 636 wrote to memory of 192 | N/A | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | C:\115802396715453\winsvcs.exe |
| PID 636 wrote to memory of 192 | N/A | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | C:\115802396715453\winsvcs.exe |
| PID 636 wrote to memory of 192 | N/A | C:\Users\Admin\AppData\Local\Temp\pcnew.exe | C:\115802396715453\winsvcs.exe |
| PID 192 wrote to memory of 788 | N/A | C:\115802396715453\winsvcs.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe |
| PID 192 wrote to memory of 788 | N/A | C:\115802396715453\winsvcs.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe |
| PID 192 wrote to memory of 788 | N/A | C:\115802396715453\winsvcs.exe | C:\Users\Admin\AppData\Local\Temp\3259625056.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\pcnew.exe
"C:\Users\Admin\AppData\Local\Temp\pcnew.exe"
C:\115802396715453\winsvcs.exe
C:\115802396715453\winsvcs.exe
C:\Users\Admin\AppData\Local\Temp\3259625056.exe
C:\Users\Admin\AppData\Local\Temp\3259625056.exe
C:\Windows\explorer.exe
explorer.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
Network
| Country | Destination | Domain | Proto |
| N/A | 8.8.8.8:53 | trik.ws | udp |
| N/A | 217.8.117.10:8080 | trik.ws | tcp |
| N/A | 217.8.117.10:8080 | trik.ws | tcp |
| N/A | 8.8.8.8:53 | 304049943.ws | udp |
| N/A | 64.70.19.203:8080 | 304049943.ws | tcp |
Files
memory/192-0-0x0000000000000000-mapping.dmp
C:\115802396715453\winsvcs.exe
| MD5 | 1f8cef7b1f327e19ec561d1b80583d2d |
| SHA1 | 96795527c65711c13aef7f2cda3b5a0ff5779137 |
| SHA256 | c6ee0c5549619ebf81f7878da18a6e29ff315be7d0fb3d9b79b84717405c87f6 |
| SHA512 | 2bdb59b8ca921b7def3547c622a4357398566c475ed1c77aad4fe91f1171ddee1b0d3524463ead12a10bba19fb5e23dcad3b00e948c8bde585d315906fd782e2 |
C:\115802396715453\winsvcs.exe
| MD5 | 1f8cef7b1f327e19ec561d1b80583d2d |
| SHA1 | 96795527c65711c13aef7f2cda3b5a0ff5779137 |
| SHA256 | c6ee0c5549619ebf81f7878da18a6e29ff315be7d0fb3d9b79b84717405c87f6 |
| SHA512 | 2bdb59b8ca921b7def3547c622a4357398566c475ed1c77aad4fe91f1171ddee1b0d3524463ead12a10bba19fb5e23dcad3b00e948c8bde585d315906fd782e2 |
memory/788-3-0x0000000000000000-mapping.dmp
C:\Users\Admin\AppData\Local\Temp\3259625056.exe
| MD5 | 7d52884b375ce8b6182f1c53f0f1c496 |
| SHA1 | 6b70e90b0dada8d93c61caa678e76ce2abcbc76b |
| SHA256 | 9c48e8a5f83614f685249486a13a8a132660f37d11c5f55581414dbf02091021 |
| SHA512 | 24350255bda3672cce0ff22221e5973cd69f5b8470eb642e9679c3c006716271af8f32a2d4ee5309949c746eb9cb15bba411052fd4935a2a2b436501c7b4a515 |
C:\Users\Admin\AppData\Local\Temp\3259625056.exe
| MD5 | 7d52884b375ce8b6182f1c53f0f1c496 |
| SHA1 | 6b70e90b0dada8d93c61caa678e76ce2abcbc76b |
| SHA256 | 9c48e8a5f83614f685249486a13a8a132660f37d11c5f55581414dbf02091021 |
| SHA512 | 24350255bda3672cce0ff22221e5973cd69f5b8470eb642e9679c3c006716271af8f32a2d4ee5309949c746eb9cb15bba411052fd4935a2a2b436501c7b4a515 |
memory/3056-6-0x0000000007F80000-0x0000000007F81000-memory.dmp
\??\M:\$RECYCLE.BIN\S-1-5-21-3341490333-719741536-2920803124-1000\desktop.ini
| MD5 | a526b9e7c716b3489d8cc062fbce4005 |
| SHA1 | 2df502a944ff721241be20a9e449d2acd07e0312 |
| SHA256 | e1b9ce9b57957b1a0607a72a057d6b7a9b34ea60f3f8aa8f38a3af979bd23066 |
| SHA512 | d83d4c656c96c3d1809ad06ce78fa09a77781461c99109e4b81d1a186fc533a7e72d65a4cb7edf689eeccda8f687a13d3276f1111a1e72f7c3cd92a49bce0f88 |