Analysis Overview
SHA256
1589137eea1bc46db43c9b9229402646773876d527585f68fd58d37add5d8402
Threat Level: Known bad
The file a.scr was found to be: Known bad.
Malicious Activity Summary
Windows security bypass
Phorphiex Worm
Executes dropped EXE
Loads dropped DLL
Windows security modification
Adds Run key to start application
Enumerates connected drives
Drops desktop.ini file(s)
Drops file in Program Files directory
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V6
Analysis: static1
Detonation Overview
Reported
2020-11-05 16:25
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2020-11-05 16:25
Reported
2020-11-05 16:27
Platform
win7v20201028
Max time kernel
149s
Max time network
78s
Command Line
Signatures
Phorphiex Worm
Windows security bypass
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\24857.exe | N/A |
| N/A | N/A | C:\65971246227968\winsvcs.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\a.scr | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\24857.exe | N/A |
Windows security modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\FirewallOverride = "1" | C:\65971246227968\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\FirewallDisableNotify = "1" | C:\65971246227968\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\AntiVirusOverride = "1" | C:\65971246227968\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Security Center\AntiVirusDisableNotify = "1" | C:\65971246227968\winsvcs.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\65971246227968\\winsvcs.exe" | C:\Users\Admin\AppData\Local\Temp\24857.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3825035466-2522850611-591511364-1000\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\65971246227968\\winsvcs.exe" | C:\Users\Admin\AppData\Local\Temp\24857.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\DllHost.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\a.scr
"C:\Users\Admin\AppData\Local\Temp\a.scr" /S
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c start C:\Users\Admin\AppData\Local\Temp\33427.jpg
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}
C:\Users\Admin\AppData\Local\Temp\24857.exe
C:\Users\Admin\AppData\Local\Temp\24857.exe
C:\65971246227968\winsvcs.exe
C:\65971246227968\winsvcs.exe
Network
| Country | Destination | Domain | Proto |
| N/A | 8.8.8.8:53 | trik.ws | udp |
| N/A | 217.8.117.10:80 | trik.ws | tcp |
| N/A | 217.8.117.10:80 | trik.ws | tcp |
| N/A | 217.8.117.10:80 | trik.ws | tcp |
| N/A | 217.8.117.10:80 | trik.ws | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\33427.jpg
C:\Users\Admin\AppData\Local\Temp\24857.exe
C:\65971246227968\winsvcs.exe
Analysis: behavioral2
Detonation Overview
Submitted
2020-11-05 16:25
Reported
2020-11-05 16:27
Platform
win10v20201028
Max time kernel
53s
Max time network
130s
Command Line
Signatures
Phorphiex Worm
Windows security bypass
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\21292.exe | N/A |
| N/A | N/A | C:\221622968119831\winsvcs.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
Windows security modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center\AntiVirusOverride = "1" | C:\221622968119831\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center\AntiVirusDisableNotify = "1" | C:\221622968119831\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center\FirewallOverride = "1" | C:\221622968119831\winsvcs.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Security Center\FirewallDisableNotify = "1" | C:\221622968119831\winsvcs.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\221622968119831\\winsvcs.exe" | C:\Users\Admin\AppData\Local\Temp\21292.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Services = "C:\\221622968119831\\winsvcs.exe" | C:\Users\Admin\AppData\Local\Temp\21292.exe | N/A |
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Desktop.ini | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\desktop.ini | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
Enumerates connected drives
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome.dll.sig | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\elevation_service.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\bg.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VSTO\vstoee100.tlb | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVFileSystemMetadata.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base_rtl.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-stdio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\configuration\org.eclipse.update\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\keypadbase.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppvIsvSubsystems64.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Stars.jpg | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hu.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsptb.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gu.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\DisableCompare.tmp | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\he-IL\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado26.tlb | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\adcvbs.inc | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\EnterSubmit.scf | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\cursors\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsid.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\CheckpointResolve.php | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\Triedit\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\bg-BG\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\hwrenclm.dat | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogo.png | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\LICENSE | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\extcheck.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\th-TH\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\SetupMetrics\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipshe.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdaprsr.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\is.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\tr-TR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fr.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-string-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ku-ckb.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsnor.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VGX\VGX.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gl.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\IpsMigrationPlugin.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdaremr.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\_platform_specific\win_x64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\it-IT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ko-KR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\th-TH\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\TipRes.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\de-DE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\StreamServer.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base_heb.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\hwrcommonlm.dat | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-process-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.it-it.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskpred\oskpredbase.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\tipskins.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ml.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\fonts\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\ielowutil.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\rmic.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kab.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\co.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-synch-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.et-ee.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\ShadesOfBlue.jpg | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\adovbs.inc | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\be.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ru-RU\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\youtube.crx | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\classfile_constants.h | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\da-DK\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RCom.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ne.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Internet Explorer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipscat.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javac.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.en-us.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\osknavbase.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msador28.tlb | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\CopyGet.mpg | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoCanary.png | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\policytool.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-time-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\he.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-GB\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsdeu.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsel.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\win32\bridge\AccessBridgePackages.h | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\7-Zip\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.hi-in.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\GreenBubbles.jpg | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\wab32res.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\rmiregistry.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip32.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ba.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-private-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\bn.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng2.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\mojo_core.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdfmap.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadox.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\hu.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sw.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsfin.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sr-spl.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\zh-CN\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\stopNetworkServer | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\bci.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javafxpackager.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\pt-BR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\ar-SA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Shades of Blue.htm | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\bn.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nb.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fi-FI\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Garden.jpg | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\sysinfo.bat | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\awt.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\sr-Latn-RS\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\BlockSelect.cr2 | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pl.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jabswitch.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\et.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\include\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\chrome.7z | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\vi.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\sqmapi.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\System\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVOrchestration.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.fi-fi.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\sk-SK\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\Logo.png | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_hu.jar | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.chm | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\sv-SE\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\icudtl.dat | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\id.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\nl-NL\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\wsgen.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ku.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sq.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\ja-jp.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mr.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ko.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.he-il.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hi.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\setup.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\ar.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\amd64\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\applet\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\db\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\ktab.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ru-ru.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jsadebugd.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\3RDPARTY | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fi-FI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.sr-latn-rs.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\FlickAnimation.avi | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\Triedit\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-processthreads-l1-1-1.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\LICENSE | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\ru-RU\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\OrangeCircles.jpg | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\servertool.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\rtscom.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.sv-se.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\FrequentOfficeUpdateSchedule.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\correct.avi | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\baseAltGr_rtl.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdaosp.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-file-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\klist.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.el-gr.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\NetworkServerControl | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fr.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\eu.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\lt-LT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\hu-HU\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\bg.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_200_percent.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\fi.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\TabIpsps.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ta.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.sl-si.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskclearui\oskclearuibase.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ast.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\ij | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ka.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVCatalog.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadcer.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\win32\bridge\AccessBridgeCallbacks.h | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsjpn.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\sl-SI\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sl.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\lt-LT\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ky.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\tr-TR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado25.tlb | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\DirectDB.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zFM.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jcmd.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\schemagen.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\jvmti.h | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\HideRedo.MOD | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\concrt140.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Internet Explorer\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdaprst.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\en-GB.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2R64.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad\auxbase.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\hu-HU\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Roses.jpg | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jps.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\pack200.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\86.0.4240.111.manifest | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-cn.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\hwrusash.dat | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\en-GB\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\jawt.h | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uz.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\msix.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\eventlog_provider.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fr-CA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppvIsvSubsystems32.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uk.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-environment-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ms-my.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsfra.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javaw.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\cs.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fy.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Installer\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\ko-kr.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\cmm\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\appletviewer.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\msvcr100.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\az.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\libEGL.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\cs.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.tr-tr.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jstack.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyLocale_pt_BR.jar | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.pl-pl.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Bears.jpg | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msador15.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\ExtExport.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\es-ES\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\swiftshader\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadrh15.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javah.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\TabTip.exe.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-runtime-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\hmmapi.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\es.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipsnld.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zG.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-heap-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jrunscript.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\setNetworkClientCP.bat | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\RepoMan.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\es-ES\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\oskmenubase.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\id.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\nl.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RHeartbeatConfig.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-math-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.de-de.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\TipTsf.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\include\win32\bridge\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\adcjavas.inc | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\dblook.bat | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\setEmbeddedCP.bat | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\default_apps\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\sr.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\System\msadc\en-US\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jhat.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\msinfo32.exe.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\kinit.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hy.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert\insertbase.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVPolicy.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\da.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mk.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\System\msadc\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbynet.jar | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\micaut.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\hr-HR\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.kk-kz.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Orange Circles.htm | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msadomd28.tlb | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msdarem.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\chrome_100_percent.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ug.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ps.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipssrl.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jli.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\xjc.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\es-MX\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\boxed-join.avi | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipshi.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Uninstall.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado27.tlb | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\mip.exe.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\pt-BR\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvStreamingManager.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\WidevineCdm\manifest.json | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\dropins\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sl.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sk.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\sl-SI\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\lib\derbyrun.jar | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.cs-cz.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\javaws.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\LogoDev.png | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\oledb32.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base_altgr.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado60.tlb | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\tr.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\kor-kor.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\th.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\uk-UA\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\keytool.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\jre\bin\dcpr.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\en.ttt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\Desktop.ini | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\msadce.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\VisualElements\SmallLogoBeta.png | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.nl-nl.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\VSTO\10.0\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Stationery\HandPrints.jpg | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\pt-PT.pak | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nl.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\sysinfo | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\i640.cab.cat | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tt.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\Stationery\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\da.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\zh-phonetic.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\ado\msado20.tlb | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\chrome.VisualElementsManifest.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\DESIGNER\MSADDNDR.OLB | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\ApproveRestart.scf | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.lt-lt.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\tpcps.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\da-DK\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\msvcp140.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ja-JP\tipresx.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Internet Explorer\ieinstal.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\af.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\db\bin\setNetworkClientCP | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\en-US\InkObj.dll.mui | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\ClientEventLogMessages.man | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\86.0.4240.111\Locales\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\db\bin\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\bin\jconsole.exe | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\pt-PT\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ink\ipscsy.xml | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\pkeyconfig-office.xrm-ms | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.8.0_66\include\win32\jni_md.h | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.es-es.dll | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\Read_Me.txt | C:\Users\Admin\AppData\Local\Temp\2465529280.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\a.scr
"C:\Users\Admin\AppData\Local\Temp\a.scr" /S
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c start C:\Users\Admin\AppData\Local\Temp\33137.jpg
C:\Users\Admin\AppData\Local\Temp\21292.exe
C:\Users\Admin\AppData\Local\Temp\21292.exe
C:\221622968119831\winsvcs.exe
C:\221622968119831\winsvcs.exe
C:\Users\Admin\AppData\Local\Temp\2465529280.exe
C:\Users\Admin\AppData\Local\Temp\2465529280.exe
Network
| Country | Destination | Domain | Proto |
| N/A | 8.8.8.8:53 | trik.ws | udp |
| N/A | 217.8.117.10:80 | trik.ws | tcp |
| N/A | 217.8.117.10:80 | trik.ws | tcp |
| N/A | 217.8.117.10:80 | trik.ws | tcp |
| N/A | 8.8.8.8:53 | 304049943.ws | udp |
| N/A | 64.70.19.203:80 | 304049943.ws | tcp |
| N/A | 64.70.19.203:80 | 304049943.ws | tcp |
| N/A | 64.70.19.203:80 | 304049943.ws | tcp |
Files
memory/3892-0-0x0000000000000000-mapping.dmp
memory/3628-1-0x0000000000000000-mapping.dmp
C:\Users\Admin\AppData\Local\Temp\21292.exe
| MD5 | c4f7ad9cdb934e4414e2cf58eb0062d1 |
| SHA1 | 30268fc11e0ef7e54e219ef0dee3b75734a85c67 |
| SHA256 | 3ee3db80ebec5075b9dfb525f00bc9a494af450a9d650c995fbe01e0ec2c84b8 |
| SHA512 | 5259699a3a075d41928ec8079e0bdef33176261cc4d63f3287377cc58f01f755468a850abb1c2552245dfb2814c9245f7ff0b77620fd669661ff8edf8cf83a38 |
C:\221622968119831\winsvcs.exe
| MD5 | c4f7ad9cdb934e4414e2cf58eb0062d1 |
| SHA1 | 30268fc11e0ef7e54e219ef0dee3b75734a85c67 |
| SHA256 | 3ee3db80ebec5075b9dfb525f00bc9a494af450a9d650c995fbe01e0ec2c84b8 |
| SHA512 | 5259699a3a075d41928ec8079e0bdef33176261cc4d63f3287377cc58f01f755468a850abb1c2552245dfb2814c9245f7ff0b77620fd669661ff8edf8cf83a38 |
memory/576-4-0x0000000000000000-mapping.dmp
memory/2072-7-0x0000000000000000-mapping.dmp
C:\Users\Admin\AppData\Local\Temp\2465529280.exe
| MD5 | 7d52884b375ce8b6182f1c53f0f1c496 |
| SHA1 | 6b70e90b0dada8d93c61caa678e76ce2abcbc76b |
| SHA256 | 9c48e8a5f83614f685249486a13a8a132660f37d11c5f55581414dbf02091021 |
| SHA512 | 24350255bda3672cce0ff22221e5973cd69f5b8470eb642e9679c3c006716271af8f32a2d4ee5309949c746eb9cb15bba411052fd4935a2a2b436501c7b4a515 |
memory/2072-11-0x0000000004C00000-0x0000000004CC3000-memory.dmp
memory/2072-26-0x0000000004C00000-0x0000000004CC8000-memory.dmp