Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
151s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20231023-en -
resource tags
-
submitted
17/11/2023, 16:13
General
-
Target
NEAS.50aa5959fd6ce2f79b89c72b9ffa6803.exe
-
Size
84KB
-
MD5
50aa5959fd6ce2f79b89c72b9ffa6803
-
SHA1
63903aa511e0dd6fbd2e5b01c2bda1e6e5ff87d5
-
SHA256
16dbf416028d19e0a40b4e8f6fc1dd7ecaf8ed292c790508773ca1380e8bdd9b
-
SHA512
da6c782e700a215892a3fca48274f7f176c9038109aea4fa74cb100cf26e4d623590effd92d7d53a3cbdeee38eb21f6b1814896b72be750fcd34f5aa7303073d
-
SSDEEP
768:/pQNwC3BESe4Vqth+0V5vKmyLylze70wi3BEmk:BeT7BVwxfvEFwjRk
Score
10/10
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 64 IoCs
-
Executes dropped EXE 64 IoCs
-
UPX packed file 64 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in Program Files directory 64 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\NEAS.50aa5959fd6ce2f79b89c72b9ffa6803.exe"C:\Users\Admin\AppData\Local\Temp\NEAS.50aa5959fd6ce2f79b89c72b9ffa6803.exe"1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\{7FF43955-E9F6-4AEA-898D-028523FA2E52}\backup.exeC:\Users\Admin\AppData\Local\Temp\{7FF43955-E9F6-4AEA-898D-028523FA2E52}\backup.exe C:\Users\Admin\AppData\Local\Temp\{7FF43955-E9F6-4AEA-898D-028523FA2E52}\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\backup.exe\backup.exe \3⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\odt\backup.exeC:\odt\backup.exe C:\odt\4⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\PerfLogs\backup.exeC:\PerfLogs\backup.exe C:\PerfLogs\4⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\System Restore.exe"C:\Program Files\System Restore.exe" C:\Program Files\4⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\7-Zip\backup.exe"C:\Program Files\7-Zip\backup.exe" C:\Program Files\7-Zip\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\Lang\backup.exe"C:\Program Files\7-Zip\Lang\backup.exe" C:\Program Files\7-Zip\Lang\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Common Files\DESIGNER\backup.exe"C:\Program Files\Common Files\DESIGNER\backup.exe" C:\Program Files\Common Files\DESIGNER\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\backup.exe"C:\Program Files\Common Files\microsoft shared\backup.exe" C:\Program Files\Common Files\microsoft shared\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\microsoft shared\ClickToRun\backup.exe"C:\Program Files\Common Files\microsoft shared\ClickToRun\backup.exe" C:\Program Files\Common Files\microsoft shared\ClickToRun\7⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\microsoft shared\ink\ar-SA\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ar-SA\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ar-SA\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\bg-BG\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\bg-BG\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\bg-BG\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\da-DK\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\da-DK\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\da-DK\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\de-DE\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\de-DE\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\de-DE\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\el-GR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\el-GR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\el-GR\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\en-GB\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\en-GB\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\en-GB\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\en-US\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\en-US\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\en-US\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\es-ES\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\es-ES\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\es-MX\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\es-MX\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\es-MX\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\et-EE\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\et-EE\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\et-EE\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fi-FI\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fi-FI\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fi-FI\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\fr-CA\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fr-CA\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fr-CA\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fr-FR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fr-FR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fr-FR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskclearui\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskclearui\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskclearui\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknumpad\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknumpad\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknumpad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskpred\update.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskpred\update.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskpred\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files\Common Files\microsoft shared\ink\he-IL\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\he-IL\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\he-IL\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\hr-HR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\hr-HR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\hr-HR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\hu-HU\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\hu-HU\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\hu-HU\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\HWRCustomization\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\HWRCustomization\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\HWRCustomization\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\it-IT\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\it-IT\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\it-IT\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\ja-JP\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ja-JP\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ja-JP\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\ko-KR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ko-KR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ko-KR\8⤵
- Executes dropped EXE
-
-
C:\Program Files\Common Files\microsoft shared\ink\LanguageModel\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\LanguageModel\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\LanguageModel\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\lt-LT\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\lt-LT\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\lt-LT\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\lv-LV\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\lv-LV\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\lv-LV\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\nb-NO\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\nb-NO\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\nb-NO\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\nl-NL\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\nl-NL\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\nl-NL\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\ink\pl-PL\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\pl-PL\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\pl-PL\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\pt-BR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\pt-BR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\pt-BR\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\pt-PT\System Restore.exe"C:\Program Files\Common Files\microsoft shared\ink\pt-PT\System Restore.exe" C:\Program Files\Common Files\microsoft shared\ink\pt-PT\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\ro-RO\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ro-RO\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ro-RO\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\ru-RU\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ru-RU\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ru-RU\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\ink\sk-SK\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\sk-SK\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\sk-SK\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\sl-SI\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\sl-SI\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\sl-SI\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\sr-Latn-RS\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\sr-Latn-RS\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\sr-Latn-RS\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\sv-SE\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\sv-SE\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\sv-SE\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\th-TH\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\th-TH\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\th-TH\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\tr-TR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\tr-TR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\tr-TR\8⤵
- Modifies visibility of file extensions in Explorer
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\uk-UA\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\uk-UA\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\uk-UA\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\zh-CN\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\zh-CN\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\zh-CN\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\zh-TW\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\zh-TW\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\zh-TW\8⤵
-
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\es-ES\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\es-ES\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\fr-FR\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\fr-FR\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\fr-FR\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\it-IT\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\it-IT\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\it-IT\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\ja-JP\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\ja-JP\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\microsoft shared\OFFICE16\System Restore.exe"C:\Program Files\Common Files\microsoft shared\OFFICE16\System Restore.exe" C:\Program Files\Common Files\microsoft shared\OFFICE16\7⤵
-
C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\backup.exe"C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\backup.exe" C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\8⤵
-
-
-
C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\backup.exe"C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\backup.exe" C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\7⤵
-
-
C:\Program Files\Common Files\microsoft shared\Source Engine\backup.exe"C:\Program Files\Common Files\microsoft shared\Source Engine\backup.exe" C:\Program Files\Common Files\microsoft shared\Source Engine\7⤵
-
-
C:\Program Files\Common Files\microsoft shared\Stationery\backup.exe"C:\Program Files\Common Files\microsoft shared\Stationery\backup.exe" C:\Program Files\Common Files\microsoft shared\Stationery\7⤵
-
-
C:\Program Files\Common Files\microsoft shared\TextConv\backup.exe"C:\Program Files\Common Files\microsoft shared\TextConv\backup.exe" C:\Program Files\Common Files\microsoft shared\TextConv\7⤵
-
C:\Program Files\Common Files\microsoft shared\TextConv\en-US\backup.exe"C:\Program Files\Common Files\microsoft shared\TextConv\en-US\backup.exe" C:\Program Files\Common Files\microsoft shared\TextConv\en-US\8⤵
-
-
-
C:\Program Files\Common Files\microsoft shared\Triedit\backup.exe"C:\Program Files\Common Files\microsoft shared\Triedit\backup.exe" C:\Program Files\Common Files\microsoft shared\Triedit\7⤵
-
C:\Program Files\Common Files\microsoft shared\Triedit\en-US\backup.exe"C:\Program Files\Common Files\microsoft shared\Triedit\en-US\backup.exe" C:\Program Files\Common Files\microsoft shared\Triedit\en-US\8⤵
-
-
-
C:\Program Files\Common Files\microsoft shared\VC\backup.exe"C:\Program Files\Common Files\microsoft shared\VC\backup.exe" C:\Program Files\Common Files\microsoft shared\VC\7⤵
-
-
C:\Program Files\Common Files\microsoft shared\VGX\backup.exe"C:\Program Files\Common Files\microsoft shared\VGX\backup.exe" C:\Program Files\Common Files\microsoft shared\VGX\7⤵
-
-
C:\Program Files\Common Files\microsoft shared\VSTO\backup.exe"C:\Program Files\Common Files\microsoft shared\VSTO\backup.exe" C:\Program Files\Common Files\microsoft shared\VSTO\7⤵
-
C:\Program Files\Common Files\microsoft shared\VSTO\10.0\backup.exe"C:\Program Files\Common Files\microsoft shared\VSTO\10.0\backup.exe" C:\Program Files\Common Files\microsoft shared\VSTO\10.0\8⤵
-
C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1033\backup.exe"C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1033\backup.exe" C:\Program Files\Common Files\microsoft shared\VSTO\10.0\1033\9⤵
-
-
-
-
-
C:\Program Files\Common Files\Services\backup.exe"C:\Program Files\Common Files\Services\backup.exe" C:\Program Files\Common Files\Services\6⤵
-
-
C:\Program Files\Common Files\System\backup.exe"C:\Program Files\Common Files\System\backup.exe" C:\Program Files\Common Files\System\6⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Common Files\System\ado\backup.exe"C:\Program Files\Common Files\System\ado\backup.exe" C:\Program Files\Common Files\System\ado\7⤵
-
C:\Program Files\Common Files\System\ado\de-DE\backup.exe"C:\Program Files\Common Files\System\ado\de-DE\backup.exe" C:\Program Files\Common Files\System\ado\de-DE\8⤵
-
-
C:\Program Files\Common Files\System\ado\en-US\backup.exe"C:\Program Files\Common Files\System\ado\en-US\backup.exe" C:\Program Files\Common Files\System\ado\en-US\8⤵
-
-
C:\Program Files\Common Files\System\ado\es-ES\backup.exe"C:\Program Files\Common Files\System\ado\es-ES\backup.exe" C:\Program Files\Common Files\System\ado\es-ES\8⤵
-
-
C:\Program Files\Common Files\System\ado\fr-FR\backup.exe"C:\Program Files\Common Files\System\ado\fr-FR\backup.exe" C:\Program Files\Common Files\System\ado\fr-FR\8⤵
-
-
C:\Program Files\Common Files\System\ado\it-IT\backup.exe"C:\Program Files\Common Files\System\ado\it-IT\backup.exe" C:\Program Files\Common Files\System\ado\it-IT\8⤵
-
-
C:\Program Files\Common Files\System\ado\ja-JP\backup.exe"C:\Program Files\Common Files\System\ado\ja-JP\backup.exe" C:\Program Files\Common Files\System\ado\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\System\de-DE\System Restore.exe"C:\Program Files\Common Files\System\de-DE\System Restore.exe" C:\Program Files\Common Files\System\de-DE\7⤵
-
-
C:\Program Files\Common Files\System\en-US\backup.exe"C:\Program Files\Common Files\System\en-US\backup.exe" C:\Program Files\Common Files\System\en-US\7⤵
-
-
C:\Program Files\Common Files\System\es-ES\backup.exe"C:\Program Files\Common Files\System\es-ES\backup.exe" C:\Program Files\Common Files\System\es-ES\7⤵
-
-
C:\Program Files\Common Files\System\fr-FR\backup.exe"C:\Program Files\Common Files\System\fr-FR\backup.exe" C:\Program Files\Common Files\System\fr-FR\7⤵
-
-
C:\Program Files\Common Files\System\it-IT\backup.exe"C:\Program Files\Common Files\System\it-IT\backup.exe" C:\Program Files\Common Files\System\it-IT\7⤵
-
-
C:\Program Files\Common Files\System\ja-JP\backup.exe"C:\Program Files\Common Files\System\ja-JP\backup.exe" C:\Program Files\Common Files\System\ja-JP\7⤵
-
-
C:\Program Files\Common Files\System\msadc\backup.exe"C:\Program Files\Common Files\System\msadc\backup.exe" C:\Program Files\Common Files\System\msadc\7⤵
-
C:\Program Files\Common Files\System\msadc\de-DE\backup.exe"C:\Program Files\Common Files\System\msadc\de-DE\backup.exe" C:\Program Files\Common Files\System\msadc\de-DE\8⤵
-
-
C:\Program Files\Common Files\System\msadc\en-US\backup.exe"C:\Program Files\Common Files\System\msadc\en-US\backup.exe" C:\Program Files\Common Files\System\msadc\en-US\8⤵
-
-
C:\Program Files\Common Files\System\msadc\es-ES\backup.exe"C:\Program Files\Common Files\System\msadc\es-ES\backup.exe" C:\Program Files\Common Files\System\msadc\es-ES\8⤵
-
-
C:\Program Files\Common Files\System\msadc\fr-FR\backup.exe"C:\Program Files\Common Files\System\msadc\fr-FR\backup.exe" C:\Program Files\Common Files\System\msadc\fr-FR\8⤵
-
-
C:\Program Files\Common Files\System\msadc\it-IT\backup.exe"C:\Program Files\Common Files\System\msadc\it-IT\backup.exe" C:\Program Files\Common Files\System\msadc\it-IT\8⤵
-
-
C:\Program Files\Common Files\System\msadc\ja-JP\backup.exe"C:\Program Files\Common Files\System\msadc\ja-JP\backup.exe" C:\Program Files\Common Files\System\msadc\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\System\Ole DB\backup.exe"C:\Program Files\Common Files\System\Ole DB\backup.exe" C:\Program Files\Common Files\System\Ole DB\7⤵
-
C:\Program Files\Common Files\System\Ole DB\de-DE\backup.exe"C:\Program Files\Common Files\System\Ole DB\de-DE\backup.exe" C:\Program Files\Common Files\System\Ole DB\de-DE\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\en-US\System Restore.exe"C:\Program Files\Common Files\System\Ole DB\en-US\System Restore.exe" C:\Program Files\Common Files\System\Ole DB\en-US\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\es-ES\backup.exe"C:\Program Files\Common Files\System\Ole DB\es-ES\backup.exe" C:\Program Files\Common Files\System\Ole DB\es-ES\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\fr-FR\backup.exe"C:\Program Files\Common Files\System\Ole DB\fr-FR\backup.exe" C:\Program Files\Common Files\System\Ole DB\fr-FR\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\it-IT\backup.exe"C:\Program Files\Common Files\System\Ole DB\it-IT\backup.exe" C:\Program Files\Common Files\System\Ole DB\it-IT\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\ja-JP\backup.exe"C:\Program Files\Common Files\System\Ole DB\ja-JP\backup.exe" C:\Program Files\Common Files\System\Ole DB\ja-JP\8⤵
-
-
-
-
-
C:\Program Files\Google\backup.exe"C:\Program Files\Google\backup.exe" C:\Program Files\Google\5⤵
-
C:\Program Files\Google\Chrome\backup.exe"C:\Program Files\Google\Chrome\backup.exe" C:\Program Files\Google\Chrome\6⤵
- System policy modification
-
C:\Program Files\Google\Chrome\Application\backup.exe"C:\Program Files\Google\Chrome\Application\backup.exe" C:\Program Files\Google\Chrome\Application\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\8⤵
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\default_apps\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\default_apps\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\default_apps\9⤵
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Extensions\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Extensions\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\Extensions\9⤵
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\9⤵
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\9⤵
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\9⤵
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\9⤵
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\10⤵
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\11⤵
-
-
-
-
-
C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe"C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe" C:\Program Files\Google\Chrome\Application\SetupMetrics\8⤵
- Executes dropped EXE
-
-
-
-
-
C:\Program Files\Internet Explorer\backup.exe"C:\Program Files\Internet Explorer\backup.exe" C:\Program Files\Internet Explorer\5⤵
-
C:\Program Files\Internet Explorer\de-DE\System Restore.exe"C:\Program Files\Internet Explorer\de-DE\System Restore.exe" C:\Program Files\Internet Explorer\de-DE\6⤵
-
-
C:\Program Files\Internet Explorer\en-US\backup.exe"C:\Program Files\Internet Explorer\en-US\backup.exe" C:\Program Files\Internet Explorer\en-US\6⤵
-
-
C:\Program Files\Internet Explorer\es-ES\backup.exe"C:\Program Files\Internet Explorer\es-ES\backup.exe" C:\Program Files\Internet Explorer\es-ES\6⤵
-
-
C:\Program Files\Internet Explorer\fr-FR\backup.exe"C:\Program Files\Internet Explorer\fr-FR\backup.exe" C:\Program Files\Internet Explorer\fr-FR\6⤵
-
-
C:\Program Files\Internet Explorer\images\backup.exe"C:\Program Files\Internet Explorer\images\backup.exe" C:\Program Files\Internet Explorer\images\6⤵
-
-
C:\Program Files\Internet Explorer\ja-JP\backup.exe"C:\Program Files\Internet Explorer\ja-JP\backup.exe" C:\Program Files\Internet Explorer\ja-JP\6⤵
-
-
C:\Program Files\Internet Explorer\SIGNUP\backup.exe"C:\Program Files\Internet Explorer\SIGNUP\backup.exe" C:\Program Files\Internet Explorer\SIGNUP\6⤵
-
-
C:\Program Files\Internet Explorer\it-IT\backup.exe"C:\Program Files\Internet Explorer\it-IT\backup.exe" C:\Program Files\Internet Explorer\it-IT\6⤵
-
-
-
C:\Program Files\Java\backup.exe"C:\Program Files\Java\backup.exe" C:\Program Files\Java\5⤵
-
C:\Program Files\Java\jdk-1.8\backup.exe"C:\Program Files\Java\jdk-1.8\backup.exe" C:\Program Files\Java\jdk-1.8\6⤵
-
C:\Program Files\Java\jdk-1.8\bin\backup.exe"C:\Program Files\Java\jdk-1.8\bin\backup.exe" C:\Program Files\Java\jdk-1.8\bin\7⤵
-
-
C:\Program Files\Java\jdk-1.8\include\backup.exe"C:\Program Files\Java\jdk-1.8\include\backup.exe" C:\Program Files\Java\jdk-1.8\include\7⤵
-
C:\Program Files\Java\jdk-1.8\include\win32\backup.exe"C:\Program Files\Java\jdk-1.8\include\win32\backup.exe" C:\Program Files\Java\jdk-1.8\include\win32\8⤵
-
C:\Program Files\Java\jdk-1.8\include\win32\bridge\System Restore.exe"C:\Program Files\Java\jdk-1.8\include\win32\bridge\System Restore.exe" C:\Program Files\Java\jdk-1.8\include\win32\bridge\9⤵
-
-
-
-
C:\Program Files\Java\jdk-1.8\jre\backup.exe"C:\Program Files\Java\jdk-1.8\jre\backup.exe" C:\Program Files\Java\jdk-1.8\jre\7⤵
-
C:\Program Files\Java\jdk-1.8\jre\bin\backup.exe"C:\Program Files\Java\jdk-1.8\jre\bin\backup.exe" C:\Program Files\Java\jdk-1.8\jre\bin\8⤵
-
C:\Program Files\Java\jdk-1.8\jre\bin\dtplugin\backup.exe"C:\Program Files\Java\jdk-1.8\jre\bin\dtplugin\backup.exe" C:\Program Files\Java\jdk-1.8\jre\bin\dtplugin\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\bin\plugin2\backup.exe"C:\Program Files\Java\jdk-1.8\jre\bin\plugin2\backup.exe" C:\Program Files\Java\jdk-1.8\jre\bin\plugin2\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\bin\server\backup.exe"C:\Program Files\Java\jdk-1.8\jre\bin\server\backup.exe" C:\Program Files\Java\jdk-1.8\jre\bin\server\9⤵
- Drops file in Program Files directory
-
-
-
C:\Program Files\Java\jdk-1.8\jre\legal\backup.exe"C:\Program Files\Java\jdk-1.8\jre\legal\backup.exe" C:\Program Files\Java\jdk-1.8\jre\legal\8⤵
-
C:\Program Files\Java\jdk-1.8\jre\legal\javafx\backup.exe"C:\Program Files\Java\jdk-1.8\jre\legal\javafx\backup.exe" C:\Program Files\Java\jdk-1.8\jre\legal\javafx\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\legal\jdk\backup.exe"C:\Program Files\Java\jdk-1.8\jre\legal\jdk\backup.exe" C:\Program Files\Java\jdk-1.8\jre\legal\jdk\9⤵
-
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\8⤵
-
C:\Program Files\Java\jdk-1.8\jre\lib\amd64\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\amd64\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\amd64\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\applet\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\applet\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\applet\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\cmm\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\cmm\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\cmm\9⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\deploy\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\deploy\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\deploy\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\ext\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\ext\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\ext\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\fonts\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\fonts\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\fonts\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\images\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\images\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\images\9⤵
-
C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\10⤵
-
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\jfr\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\jfr\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\jfr\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\management\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\management\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\management\9⤵
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\security\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\security\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\security\9⤵
-
C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\10⤵
-
C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\limited\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\limited\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\limited\11⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\unlimited\backup.exe"C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\unlimited\backup.exe" C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\unlimited\11⤵
-
-
-
-
-
-
C:\Program Files\Java\jdk-1.8\legal\backup.exe"C:\Program Files\Java\jdk-1.8\legal\backup.exe" C:\Program Files\Java\jdk-1.8\legal\7⤵
-
C:\Program Files\Java\jdk-1.8\legal\javafx\data.exe"C:\Program Files\Java\jdk-1.8\legal\javafx\data.exe" C:\Program Files\Java\jdk-1.8\legal\javafx\8⤵
-
-
C:\Program Files\Java\jdk-1.8\legal\jdk\backup.exe"C:\Program Files\Java\jdk-1.8\legal\jdk\backup.exe" C:\Program Files\Java\jdk-1.8\legal\jdk\8⤵
-
-
-
C:\Program Files\Java\jdk-1.8\lib\backup.exe"C:\Program Files\Java\jdk-1.8\lib\backup.exe" C:\Program Files\Java\jdk-1.8\lib\7⤵
-
-
-
C:\Program Files\Java\jre-1.8\backup.exe"C:\Program Files\Java\jre-1.8\backup.exe" C:\Program Files\Java\jre-1.8\6⤵
-
C:\Program Files\Java\jre-1.8\bin\backup.exe"C:\Program Files\Java\jre-1.8\bin\backup.exe" C:\Program Files\Java\jre-1.8\bin\7⤵
-
C:\Program Files\Java\jre-1.8\bin\dtplugin\backup.exe"C:\Program Files\Java\jre-1.8\bin\dtplugin\backup.exe" C:\Program Files\Java\jre-1.8\bin\dtplugin\8⤵
-
-
C:\Program Files\Java\jre-1.8\bin\plugin2\backup.exe"C:\Program Files\Java\jre-1.8\bin\plugin2\backup.exe" C:\Program Files\Java\jre-1.8\bin\plugin2\8⤵
-
-
C:\Program Files\Java\jre-1.8\bin\server\backup.exe"C:\Program Files\Java\jre-1.8\bin\server\backup.exe" C:\Program Files\Java\jre-1.8\bin\server\8⤵
-
-
-
C:\Program Files\Java\jre-1.8\legal\backup.exe"C:\Program Files\Java\jre-1.8\legal\backup.exe" C:\Program Files\Java\jre-1.8\legal\7⤵
-
C:\Program Files\Java\jre-1.8\legal\javafx\update.exe"C:\Program Files\Java\jre-1.8\legal\javafx\update.exe" C:\Program Files\Java\jre-1.8\legal\javafx\8⤵
-
-
C:\Program Files\Java\jre-1.8\legal\jdk\backup.exe"C:\Program Files\Java\jre-1.8\legal\jdk\backup.exe" C:\Program Files\Java\jre-1.8\legal\jdk\8⤵
-
-
-
C:\Program Files\Java\jre-1.8\lib\backup.exe"C:\Program Files\Java\jre-1.8\lib\backup.exe" C:\Program Files\Java\jre-1.8\lib\7⤵
-
C:\Program Files\Java\jre-1.8\lib\amd64\System Restore.exe"C:\Program Files\Java\jre-1.8\lib\amd64\System Restore.exe" C:\Program Files\Java\jre-1.8\lib\amd64\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\applet\backup.exe"C:\Program Files\Java\jre-1.8\lib\applet\backup.exe" C:\Program Files\Java\jre-1.8\lib\applet\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\cmm\backup.exe"C:\Program Files\Java\jre-1.8\lib\cmm\backup.exe" C:\Program Files\Java\jre-1.8\lib\cmm\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\deploy\data.exe"C:\Program Files\Java\jre-1.8\lib\deploy\data.exe" C:\Program Files\Java\jre-1.8\lib\deploy\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\ext\backup.exe"C:\Program Files\Java\jre-1.8\lib\ext\backup.exe" C:\Program Files\Java\jre-1.8\lib\ext\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\fonts\backup.exe"C:\Program Files\Java\jre-1.8\lib\fonts\backup.exe" C:\Program Files\Java\jre-1.8\lib\fonts\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\images\backup.exe"C:\Program Files\Java\jre-1.8\lib\images\backup.exe" C:\Program Files\Java\jre-1.8\lib\images\8⤵
-
C:\Program Files\Java\jre-1.8\lib\images\cursors\backup.exe"C:\Program Files\Java\jre-1.8\lib\images\cursors\backup.exe" C:\Program Files\Java\jre-1.8\lib\images\cursors\9⤵
-
-
-
C:\Program Files\Java\jre-1.8\lib\jfr\backup.exe"C:\Program Files\Java\jre-1.8\lib\jfr\backup.exe" C:\Program Files\Java\jre-1.8\lib\jfr\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\management\backup.exe"C:\Program Files\Java\jre-1.8\lib\management\backup.exe" C:\Program Files\Java\jre-1.8\lib\management\8⤵
-
-
C:\Program Files\Java\jre-1.8\lib\security\backup.exe"C:\Program Files\Java\jre-1.8\lib\security\backup.exe" C:\Program Files\Java\jre-1.8\lib\security\8⤵
-
C:\Program Files\Java\jre-1.8\lib\security\policy\backup.exe"C:\Program Files\Java\jre-1.8\lib\security\policy\backup.exe" C:\Program Files\Java\jre-1.8\lib\security\policy\9⤵
-
C:\Program Files\Java\jre-1.8\lib\security\policy\limited\backup.exe"C:\Program Files\Java\jre-1.8\lib\security\policy\limited\backup.exe" C:\Program Files\Java\jre-1.8\lib\security\policy\limited\10⤵
-
-
C:\Program Files\Java\jre-1.8\lib\security\policy\unlimited\backup.exe"C:\Program Files\Java\jre-1.8\lib\security\policy\unlimited\backup.exe" C:\Program Files\Java\jre-1.8\lib\security\policy\unlimited\10⤵
-
-
-
-
-
-
-
C:\Program Files\Microsoft Office\update.exe"C:\Program Files\Microsoft Office\update.exe" C:\Program Files\Microsoft Office\5⤵
-
C:\Program Files\Microsoft Office\Office16\backup.exe"C:\Program Files\Microsoft Office\Office16\backup.exe" C:\Program Files\Microsoft Office\Office16\6⤵
-
-
C:\Program Files\Microsoft Office\PackageManifests\backup.exe"C:\Program Files\Microsoft Office\PackageManifests\backup.exe" C:\Program Files\Microsoft Office\PackageManifests\6⤵
-
-
C:\Program Files\Microsoft Office\root\backup.exe"C:\Program Files\Microsoft Office\root\backup.exe" C:\Program Files\Microsoft Office\root\6⤵
-
C:\Program Files\Microsoft Office\root\Client\backup.exe"C:\Program Files\Microsoft Office\root\Client\backup.exe" C:\Program Files\Microsoft Office\root\Client\7⤵
-
-
C:\Program Files\Microsoft Office\root\Document Themes 16\backup.exe"C:\Program Files\Microsoft Office\root\Document Themes 16\backup.exe" C:\Program Files\Microsoft Office\root\Document Themes 16\7⤵
-
C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\backup.exe"C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\backup.exe" C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\8⤵
-
-
C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\System Restore.exe"C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\System Restore.exe" C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Effects\8⤵
-
-
C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\backup.exe"C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\backup.exe" C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\8⤵
-
-
-
C:\Program Files\Microsoft Office\root\fre\backup.exe"C:\Program Files\Microsoft Office\root\fre\backup.exe" C:\Program Files\Microsoft Office\root\fre\7⤵
- System policy modification
-
-
C:\Program Files\Microsoft Office\root\Integration\backup.exe"C:\Program Files\Microsoft Office\root\Integration\backup.exe" C:\Program Files\Microsoft Office\root\Integration\7⤵
-
C:\Program Files\Microsoft Office\root\Integration\Addons\backup.exe"C:\Program Files\Microsoft Office\root\Integration\Addons\backup.exe" C:\Program Files\Microsoft Office\root\Integration\Addons\8⤵
-
-
-
C:\Program Files\Microsoft Office\root\Licenses\backup.exe"C:\Program Files\Microsoft Office\root\Licenses\backup.exe" C:\Program Files\Microsoft Office\root\Licenses\7⤵
-
-
C:\Program Files\Microsoft Office\root\Licenses16\backup.exe"C:\Program Files\Microsoft Office\root\Licenses16\backup.exe" C:\Program Files\Microsoft Office\root\Licenses16\7⤵
-
-
C:\Program Files\Microsoft Office\root\loc\backup.exe"C:\Program Files\Microsoft Office\root\loc\backup.exe" C:\Program Files\Microsoft Office\root\loc\7⤵
-
-
C:\Program Files\Microsoft Office\root\Office15\backup.exe"C:\Program Files\Microsoft Office\root\Office15\backup.exe" C:\Program Files\Microsoft Office\root\Office15\7⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\backup.exe"C:\Program Files\Microsoft Office\root\Office16\backup.exe" C:\Program Files\Microsoft Office\root\Office16\7⤵
-
C:\Program Files\Microsoft Office\root\Office16\1033\backup.exe"C:\Program Files\Microsoft Office\root\Office16\1033\backup.exe" C:\Program Files\Microsoft Office\root\Office16\1033\8⤵
-
C:\Program Files\Microsoft Office\root\Office16\1033\Bibliography\backup.exe"C:\Program Files\Microsoft Office\root\Office16\1033\Bibliography\backup.exe" C:\Program Files\Microsoft Office\root\Office16\1033\Bibliography\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\backup.exe"C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\backup.exe" C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\backup.exe"C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\backup.exe" C:\Program Files\Microsoft Office\root\Office16\1033\QuickStyles\9⤵
-
-
-
C:\Program Files\Microsoft Office\root\Office16\1036\backup.exe"C:\Program Files\Microsoft Office\root\Office16\1036\backup.exe" C:\Program Files\Microsoft Office\root\Office16\1036\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\3082\backup.exe"C:\Program Files\Microsoft Office\root\Office16\3082\backup.exe" C:\Program Files\Microsoft Office\root\Office16\3082\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\8⤵
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\update.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\update.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\9⤵
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\10⤵
-
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\update.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\update.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power Map Excel Add-in\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\Power View Excel Add-in\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\9⤵
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Cartridges\10⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\en\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\en\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\en\10⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\10⤵
-
C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\1033\backup.exe"C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\1033\backup.exe" C:\Program Files\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\Resources\1033\11⤵
-
-
-
-
-
C:\Program Files\Microsoft Office\root\Office16\AugLoop\backup.exe"C:\Program Files\Microsoft Office\root\Office16\AugLoop\backup.exe" C:\Program Files\Microsoft Office\root\Office16\AugLoop\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\Bibliography\System Restore.exe"C:\Program Files\Microsoft Office\root\Office16\Bibliography\System Restore.exe" C:\Program Files\Microsoft Office\root\Office16\Bibliography\8⤵
-
C:\Program Files\Microsoft Office\root\Office16\Bibliography\Sort\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Bibliography\Sort\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Bibliography\Sort\9⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\9⤵
-
-
-
C:\Program Files\Microsoft Office\root\Office16\BORDERS\backup.exe"C:\Program Files\Microsoft Office\root\Office16\BORDERS\backup.exe" C:\Program Files\Microsoft Office\root\Office16\BORDERS\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\Configuration\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Configuration\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Configuration\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\Document Parts\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Document Parts\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Document Parts\8⤵
-
C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\System Restore.exe"C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\System Restore.exe" C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\9⤵
-
C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\16\backup.exe"C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\16\backup.exe" C:\Program Files\Microsoft Office\root\Office16\Document Parts\1033\16\10⤵
-
-
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f14\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f14\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f14\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f2\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f2\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f2\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f3\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f3\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f3\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f33\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f33\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f33\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f4\update.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f4\update.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f4\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_f7\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_f7\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_f7\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000006\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000006\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000006\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000008\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000008\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000008\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000009\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000009\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000009\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000011\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000011\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000011\8⤵
-
-
C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000050\backup.exe"C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000050\backup.exe" C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000050\8⤵
-
-
-
C:\Program Files\Microsoft Office\root\rsod\backup.exe"C:\Program Files\Microsoft Office\root\rsod\backup.exe" C:\Program Files\Microsoft Office\root\rsod\7⤵
-
-
C:\Program Files\Microsoft Office\root\Templates\backup.exe"C:\Program Files\Microsoft Office\root\Templates\backup.exe" C:\Program Files\Microsoft Office\root\Templates\7⤵
-
C:\Program Files\Microsoft Office\root\Templates\1033\data.exe"C:\Program Files\Microsoft Office\root\Templates\1033\data.exe" C:\Program Files\Microsoft Office\root\Templates\1033\8⤵
-
C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\System Restore.exe"C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\System Restore.exe" C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\9⤵
-
C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\backup.exe"C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\backup.exe" C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\10⤵
-
C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\Stationery\backup.exe"C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\Stationery\backup.exe" C:\Program Files\Microsoft Office\root\Templates\1033\ONENOTE\16\Stationery\11⤵
-
-
-
-
-
C:\Program Files\Microsoft Office\root\Templates\Presentation Designs\backup.exe"C:\Program Files\Microsoft Office\root\Templates\Presentation Designs\backup.exe" C:\Program Files\Microsoft Office\root\Templates\Presentation Designs\8⤵
-
-
-
C:\Program Files\Microsoft Office\root\vfs\backup.exe"C:\Program Files\Microsoft Office\root\vfs\backup.exe" C:\Program Files\Microsoft Office\root\vfs\7⤵
-
C:\Program Files\Microsoft Office\root\vfs\Common AppData\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Common AppData\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Common AppData\8⤵
-
C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\9⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft Help\9⤵
-
-
-
C:\Program Files\Microsoft Office\root\vfs\Fonts\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Fonts\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Fonts\8⤵
-
C:\Program Files\Microsoft Office\root\vfs\Fonts\private\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Fonts\private\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Fonts\private\9⤵
-
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\8⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\DESIGNER\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\DESIGNER\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\DESIGNER\9⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\9⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\DW\10⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\10⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\1033\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\1033\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EQUATION\1033\11⤵
-
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EURO\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EURO\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\EURO\10⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Filters\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Filters\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Filters\10⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\GRPHFLT\10⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Help\10⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\System Restore.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\System Restore.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\10⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033\11⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Cultures\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Cultures\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Cultures\11⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\DataModel\11⤵
-
-
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\ODBC\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\ODBC\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\ODBC\9⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\ODBC\Data Sources\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\ODBC\Data Sources\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\ODBC\Data Sources\10⤵
-
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\System\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\System\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\System\9⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\System\ole db\data.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\System\ole db\data.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\System\ole db\10⤵
-
-
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\update.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\update.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\8⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\9⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\EQUATION\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\EQUATION\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\EQUATION\10⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\10⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\1033\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\1033\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\1033\11⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Cultures\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Cultures\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Cultures\11⤵
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\en-us\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\en-us\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\en-us\11⤵
-
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Portal\data.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Portal\data.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Portal\10⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Portal\1033\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Portal\1033\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Portal\1033\11⤵
-
-
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\9⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\ole db\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\ole db\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\ole db\10⤵
-
-
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\data.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\data.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\8⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\9⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\10⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\11⤵
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\12⤵
-
-
-
-
-
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\backup.exe"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\backup.exe" C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\8⤵
-
-
-
C:\Program Files\Microsoft Office\root\vreg\backup.exe"C:\Program Files\Microsoft Office\root\vreg\backup.exe" C:\Program Files\Microsoft Office\root\vreg\7⤵
-
-
-
C:\Program Files\Microsoft Office\Updates\backup.exe"C:\Program Files\Microsoft Office\Updates\backup.exe" C:\Program Files\Microsoft Office\Updates\6⤵
-
C:\Program Files\Microsoft Office\Updates\Apply\backup.exe"C:\Program Files\Microsoft Office\Updates\Apply\backup.exe" C:\Program Files\Microsoft Office\Updates\Apply\7⤵
-
C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\backup.exe"C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\backup.exe" C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\8⤵
-
C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\System Restore.exe"C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\System Restore.exe" C:\Program Files\Microsoft Office\Updates\Apply\FilesInUse\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\9⤵
-
-
-
-
C:\Program Files\Microsoft Office\Updates\Download\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\7⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\8⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\9⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\10⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\11⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\12⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\13⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\GAC_MSIL\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\GAC_MSIL\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\GAC_MSIL\14⤵
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\15⤵
-
-
-
-
-
C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\12⤵
-
C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Heartbeat\backup.exe"C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Heartbeat\backup.exe" C:\Program Files\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Heartbeat\13⤵
-
-
-
-
-
-
-
-
-
-
C:\Program Files\Microsoft Office 15\backup.exe"C:\Program Files\Microsoft Office 15\backup.exe" C:\Program Files\Microsoft Office 15\5⤵
-
C:\Program Files\Microsoft Office 15\ClientX64\update.exe"C:\Program Files\Microsoft Office 15\ClientX64\update.exe" C:\Program Files\Microsoft Office 15\ClientX64\6⤵
-
-
-
C:\Program Files\Mozilla Firefox\backup.exe"C:\Program Files\Mozilla Firefox\backup.exe" C:\Program Files\Mozilla Firefox\5⤵
-
C:\Program Files\Mozilla Firefox\browser\backup.exe"C:\Program Files\Mozilla Firefox\browser\backup.exe" C:\Program Files\Mozilla Firefox\browser\6⤵
-
C:\Program Files\Mozilla Firefox\browser\features\backup.exe"C:\Program Files\Mozilla Firefox\browser\features\backup.exe" C:\Program Files\Mozilla Firefox\browser\features\7⤵
-
-
C:\Program Files\Mozilla Firefox\browser\VisualElements\backup.exe"C:\Program Files\Mozilla Firefox\browser\VisualElements\backup.exe" C:\Program Files\Mozilla Firefox\browser\VisualElements\7⤵
-
-
-
C:\Program Files\Mozilla Firefox\defaults\backup.exe"C:\Program Files\Mozilla Firefox\defaults\backup.exe" C:\Program Files\Mozilla Firefox\defaults\6⤵
-
C:\Program Files\Mozilla Firefox\defaults\pref\backup.exe"C:\Program Files\Mozilla Firefox\defaults\pref\backup.exe" C:\Program Files\Mozilla Firefox\defaults\pref\7⤵
-
-
-
C:\Program Files\Mozilla Firefox\fonts\backup.exe"C:\Program Files\Mozilla Firefox\fonts\backup.exe" C:\Program Files\Mozilla Firefox\fonts\6⤵
-
-
C:\Program Files\Mozilla Firefox\gmp-clearkey\backup.exe"C:\Program Files\Mozilla Firefox\gmp-clearkey\backup.exe" C:\Program Files\Mozilla Firefox\gmp-clearkey\6⤵
-
C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\backup.exe"C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\backup.exe" C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\7⤵
-
-
-
C:\Program Files\Mozilla Firefox\uninstall\backup.exe"C:\Program Files\Mozilla Firefox\uninstall\backup.exe" C:\Program Files\Mozilla Firefox\uninstall\6⤵
-
-
-
C:\Program Files\MSBuild\backup.exe"C:\Program Files\MSBuild\backup.exe" C:\Program Files\MSBuild\5⤵
-
C:\Program Files\MSBuild\Microsoft\backup.exe"C:\Program Files\MSBuild\Microsoft\backup.exe" C:\Program Files\MSBuild\Microsoft\6⤵
-
C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\backup.exe"C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\backup.exe" C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\7⤵
-
C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\backup.exe"C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\backup.exe" C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\8⤵
-
-
C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\backup.exe"C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\backup.exe" C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\8⤵
-
-
-
-
-
C:\Program Files\Reference Assemblies\backup.exe"C:\Program Files\Reference Assemblies\backup.exe" C:\Program Files\Reference Assemblies\5⤵
-
C:\Program Files\Reference Assemblies\Microsoft\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\6⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\7⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\8⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\9⤵
-
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\8⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\9⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\9⤵
-
-
-
-
-
-
C:\Program Files\VideoLAN\backup.exe"C:\Program Files\VideoLAN\backup.exe" C:\Program Files\VideoLAN\5⤵
-
C:\Program Files\VideoLAN\VLC\backup.exe"C:\Program Files\VideoLAN\VLC\backup.exe" C:\Program Files\VideoLAN\VLC\6⤵
-
C:\Program Files\VideoLAN\VLC\hrtfs\backup.exe"C:\Program Files\VideoLAN\VLC\hrtfs\backup.exe" C:\Program Files\VideoLAN\VLC\hrtfs\7⤵
-
-
C:\Program Files\VideoLAN\VLC\locale\backup.exe"C:\Program Files\VideoLAN\VLC\locale\backup.exe" C:\Program Files\VideoLAN\VLC\locale\7⤵
-
C:\Program Files\VideoLAN\VLC\locale\ach\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ach\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ach\8⤵
-
C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\9⤵
-
-
-
C:\Program Files\VideoLAN\VLC\locale\af\backup.exe"C:\Program Files\VideoLAN\VLC\locale\af\backup.exe" C:\Program Files\VideoLAN\VLC\locale\af\8⤵
-
C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\9⤵
-
-
-
C:\Program Files\VideoLAN\VLC\locale\am\backup.exe"C:\Program Files\VideoLAN\VLC\locale\am\backup.exe" C:\Program Files\VideoLAN\VLC\locale\am\8⤵
-
C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\9⤵
-
-
-
C:\Program Files\VideoLAN\VLC\locale\an\backup.exe"C:\Program Files\VideoLAN\VLC\locale\an\backup.exe" C:\Program Files\VideoLAN\VLC\locale\an\8⤵
-
C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\9⤵
-
-
-
C:\Program Files\VideoLAN\VLC\locale\ar\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ar\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ar\8⤵
-
-
C:\Program Files\VideoLAN\VLC\locale\as_IN\backup.exe"C:\Program Files\VideoLAN\VLC\locale\as_IN\backup.exe" C:\Program Files\VideoLAN\VLC\locale\as_IN\8⤵
-
C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\9⤵
-
-
-
C:\Program Files\VideoLAN\VLC\locale\ast\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ast\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ast\8⤵
-
C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\9⤵
-
-
-
C:\Program Files\VideoLAN\VLC\locale\az\data.exe"C:\Program Files\VideoLAN\VLC\locale\az\data.exe" C:\Program Files\VideoLAN\VLC\locale\az\8⤵
-
C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\9⤵
-
-
-
-
C:\Program Files\VideoLAN\VLC\lua\backup.exe"C:\Program Files\VideoLAN\VLC\lua\backup.exe" C:\Program Files\VideoLAN\VLC\lua\7⤵
-
C:\Program Files\VideoLAN\VLC\lua\extensions\backup.exe"C:\Program Files\VideoLAN\VLC\lua\extensions\backup.exe" C:\Program Files\VideoLAN\VLC\lua\extensions\8⤵
-
-
C:\Program Files\VideoLAN\VLC\lua\http\backup.exe"C:\Program Files\VideoLAN\VLC\lua\http\backup.exe" C:\Program Files\VideoLAN\VLC\lua\http\8⤵
-
C:\Program Files\VideoLAN\VLC\lua\http\css\backup.exe"C:\Program Files\VideoLAN\VLC\lua\http\css\backup.exe" C:\Program Files\VideoLAN\VLC\lua\http\css\9⤵
-
C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\backup.exe"C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\backup.exe" C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\10⤵
-
C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\backup.exe"C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\backup.exe" C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\11⤵
-
-
-
-
C:\Program Files\VideoLAN\VLC\lua\http\dialogs\backup.exe"C:\Program Files\VideoLAN\VLC\lua\http\dialogs\backup.exe" C:\Program Files\VideoLAN\VLC\lua\http\dialogs\9⤵
-
-
C:\Program Files\VideoLAN\VLC\lua\http\images\backup.exe"C:\Program Files\VideoLAN\VLC\lua\http\images\backup.exe" C:\Program Files\VideoLAN\VLC\lua\http\images\9⤵
-
-
C:\Program Files\VideoLAN\VLC\lua\http\js\backup.exe"C:\Program Files\VideoLAN\VLC\lua\http\js\backup.exe" C:\Program Files\VideoLAN\VLC\lua\http\js\9⤵
-
-
C:\Program Files\VideoLAN\VLC\lua\http\requests\backup.exe"C:\Program Files\VideoLAN\VLC\lua\http\requests\backup.exe" C:\Program Files\VideoLAN\VLC\lua\http\requests\9⤵
-
-
-
C:\Program Files\VideoLAN\VLC\lua\intf\backup.exe"C:\Program Files\VideoLAN\VLC\lua\intf\backup.exe" C:\Program Files\VideoLAN\VLC\lua\intf\8⤵
-
C:\Program Files\VideoLAN\VLC\lua\intf\modules\backup.exe"C:\Program Files\VideoLAN\VLC\lua\intf\modules\backup.exe" C:\Program Files\VideoLAN\VLC\lua\intf\modules\9⤵
-
-
-
C:\Program Files\VideoLAN\VLC\lua\meta\backup.exe"C:\Program Files\VideoLAN\VLC\lua\meta\backup.exe" C:\Program Files\VideoLAN\VLC\lua\meta\8⤵
-
C:\Program Files\VideoLAN\VLC\lua\meta\art\backup.exe"C:\Program Files\VideoLAN\VLC\lua\meta\art\backup.exe" C:\Program Files\VideoLAN\VLC\lua\meta\art\9⤵
-
-
C:\Program Files\VideoLAN\VLC\lua\meta\reader\backup.exe"C:\Program Files\VideoLAN\VLC\lua\meta\reader\backup.exe" C:\Program Files\VideoLAN\VLC\lua\meta\reader\9⤵
-
-
-
C:\Program Files\VideoLAN\VLC\lua\modules\data.exe"C:\Program Files\VideoLAN\VLC\lua\modules\data.exe" C:\Program Files\VideoLAN\VLC\lua\modules\8⤵
-
-
-
C:\Program Files\VideoLAN\VLC\plugins\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\7⤵
-
C:\Program Files\VideoLAN\VLC\plugins\access\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\access\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\access\8⤵
-
-
C:\Program Files\VideoLAN\VLC\plugins\access_output\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\access_output\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\access_output\8⤵
-
-
C:\Program Files\VideoLAN\VLC\plugins\audio_filter\update.exe"C:\Program Files\VideoLAN\VLC\plugins\audio_filter\update.exe" C:\Program Files\VideoLAN\VLC\plugins\audio_filter\8⤵
-
-
C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\8⤵
-
-
C:\Program Files\VideoLAN\VLC\plugins\audio_output\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\audio_output\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\audio_output\8⤵
-
-
C:\Program Files\VideoLAN\VLC\plugins\codec\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\codec\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\codec\8⤵
-
-
-
C:\Program Files\VideoLAN\VLC\skins\backup.exe"C:\Program Files\VideoLAN\VLC\skins\backup.exe" C:\Program Files\VideoLAN\VLC\skins\7⤵
-
C:\Program Files\VideoLAN\VLC\skins\fonts\backup.exe"C:\Program Files\VideoLAN\VLC\skins\fonts\backup.exe" C:\Program Files\VideoLAN\VLC\skins\fonts\8⤵
-
-
-
-
-
C:\Program Files\Windows Defender\backup.exe"C:\Program Files\Windows Defender\backup.exe" C:\Program Files\Windows Defender\5⤵
-
C:\Program Files\Windows Defender\de-DE\backup.exe"C:\Program Files\Windows Defender\de-DE\backup.exe" C:\Program Files\Windows Defender\de-DE\6⤵
-
-
C:\Program Files\Windows Defender\es-ES\backup.exe"C:\Program Files\Windows Defender\es-ES\backup.exe" C:\Program Files\Windows Defender\es-ES\6⤵
-
-
C:\Program Files\Windows Defender\fr-FR\backup.exe"C:\Program Files\Windows Defender\fr-FR\backup.exe" C:\Program Files\Windows Defender\fr-FR\6⤵
-
-
C:\Program Files\Windows Defender\it-IT\backup.exe"C:\Program Files\Windows Defender\it-IT\backup.exe" C:\Program Files\Windows Defender\it-IT\6⤵
-
-
C:\Program Files\Windows Defender\ja-JP\backup.exe"C:\Program Files\Windows Defender\ja-JP\backup.exe" C:\Program Files\Windows Defender\ja-JP\6⤵
-
-
-
C:\Program Files\Windows Mail\backup.exe"C:\Program Files\Windows Mail\backup.exe" C:\Program Files\Windows Mail\5⤵
-
-
C:\Program Files\Windows Media Player\backup.exe"C:\Program Files\Windows Media Player\backup.exe" C:\Program Files\Windows Media Player\5⤵
-
C:\Program Files\Windows Media Player\de-DE\backup.exe"C:\Program Files\Windows Media Player\de-DE\backup.exe" C:\Program Files\Windows Media Player\de-DE\6⤵
-
-
C:\Program Files\Windows Media Player\en-US\backup.exe"C:\Program Files\Windows Media Player\en-US\backup.exe" C:\Program Files\Windows Media Player\en-US\6⤵
-
-
C:\Program Files\Windows Media Player\es-ES\backup.exe"C:\Program Files\Windows Media Player\es-ES\backup.exe" C:\Program Files\Windows Media Player\es-ES\6⤵
-
-
C:\Program Files\Windows Media Player\fr-FR\backup.exe"C:\Program Files\Windows Media Player\fr-FR\backup.exe" C:\Program Files\Windows Media Player\fr-FR\6⤵
-
-
C:\Program Files\Windows Media Player\it-IT\backup.exe"C:\Program Files\Windows Media Player\it-IT\backup.exe" C:\Program Files\Windows Media Player\it-IT\6⤵
-
-
C:\Program Files\Windows Media Player\ja-JP\backup.exe"C:\Program Files\Windows Media Player\ja-JP\backup.exe" C:\Program Files\Windows Media Player\ja-JP\6⤵
-
-
C:\Program Files\Windows Media Player\Media Renderer\backup.exe"C:\Program Files\Windows Media Player\Media Renderer\backup.exe" C:\Program Files\Windows Media Player\Media Renderer\6⤵
-
-
C:\Program Files\Windows Media Player\Network Sharing\backup.exe"C:\Program Files\Windows Media Player\Network Sharing\backup.exe" C:\Program Files\Windows Media Player\Network Sharing\6⤵
-
-
C:\Program Files\Windows Media Player\Skins\System Restore.exe"C:\Program Files\Windows Media Player\Skins\System Restore.exe" C:\Program Files\Windows Media Player\Skins\6⤵
-
-
-
C:\Program Files\Windows Multimedia Platform\data.exe"C:\Program Files\Windows Multimedia Platform\data.exe" C:\Program Files\Windows Multimedia Platform\5⤵
-
-
C:\Program Files\Windows NT\backup.exe"C:\Program Files\Windows NT\backup.exe" C:\Program Files\Windows NT\5⤵
-
C:\Program Files\Windows NT\Accessories\backup.exe"C:\Program Files\Windows NT\Accessories\backup.exe" C:\Program Files\Windows NT\Accessories\6⤵
-
C:\Program Files\Windows NT\Accessories\en-US\backup.exe"C:\Program Files\Windows NT\Accessories\en-US\backup.exe" C:\Program Files\Windows NT\Accessories\en-US\7⤵
-
-
-
C:\Program Files\Windows NT\TableTextService\data.exe"C:\Program Files\Windows NT\TableTextService\data.exe" C:\Program Files\Windows NT\TableTextService\6⤵
-
-
-
-
C:\Program Files (x86)\backup.exe"C:\Program Files (x86)\backup.exe" C:\Program Files (x86)\4⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\backup.exe"C:\Program Files (x86)\Adobe\backup.exe" C:\Program Files (x86)\Adobe\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\7⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\7⤵
- Executes dropped EXE
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\8⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\9⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\8⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\8⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\en_US\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\en_US\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\en_US\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\8⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\9⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\PMP\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\PMP\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\PMP\10⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\9⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\10⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\11⤵
- Modifies visibility of file extensions in Explorer
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\9⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\MPP\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\MPP\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\MPP\10⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\prc\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\prc\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\prc\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\8⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\UIThemes\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\UIThemes\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\UIThemes\8⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\9⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\10⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\11⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\cef\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\cef\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\cef\14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\libs\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\libs\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\core\dev\libs\14⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\cef\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\cef\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\cef\14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\libs\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\libs\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\files\dev\libs\14⤵
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\11⤵
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\12⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\hi_contrast\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\hi_contrast\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\hi_contrast\13⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\14⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\hi_contrast\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\hi_contrast\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\hi_contrast\12⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\13⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\dark\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\dark\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\dark\14⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\dark\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\dark\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\dark\14⤵
-
-
-
C:\Program Files\Microsoft Office\root\Templates\1033\GettingStarted16\backup.exe"C:\Program Files\Microsoft Office\root\Templates\1033\GettingStarted16\backup.exe" C:\Program Files\Microsoft Office\root\Templates\1033\GettingStarted16\13⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\11⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\14⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ar-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ar-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ar-ae\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ca-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ca-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ca-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\cs-cz\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\cs-cz\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\cs-cz\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\da-dk\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\da-dk\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\da-dk\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-ae\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\de-de\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\de-de\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\de-de\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-gb\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-gb\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-gb\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\en-il\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\es-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\es-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\es-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\eu-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\eu-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\eu-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fi-fi\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fi-fi\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fi-fi\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-fr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-fr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-fr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-ma\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-ma\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-ma\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\he-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\he-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\he-il\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hu-hu\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hu-hu\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hu-hu\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hr-hr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hr-hr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\hr-hr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\it-it\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\it-it\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\it-it\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ja-jp\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ja-jp\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ja-jp\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ko-kr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ko-kr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ko-kr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nb-no\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nb-no\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nb-no\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nl-nl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nl-nl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\nl-nl\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pl-pl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pl-pl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pl-pl\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pt-br\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pt-br\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\pt-br\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\root\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\root\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\root\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ru-ru\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ru-ru\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ru-ru\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ro-ro\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ro-ro\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ro-ro\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sk-sk\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sk-sk\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sk-sk\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-si\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-si\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-si\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-sl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-sl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sl-sl\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sv-se\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sv-se\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\sv-se\15⤵
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\dev\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\dev\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app-api\dev\13⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\14⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ar-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ar-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ar-ae\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ca-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ca-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ca-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\cs-cz\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\cs-cz\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\cs-cz\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\da-dk\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\da-dk\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\da-dk\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\de-de\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\de-de\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\de-de\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-ae\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-il\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-gb\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-gb\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-gb\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\es-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\es-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\es-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\eu-es\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\eu-es\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\eu-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fi-fi\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fi-fi\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fi-fi\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-fr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-fr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-fr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-ma\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-ma\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-ma\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\he-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\he-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\he-il\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hr-hr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hr-hr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hr-hr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hu-hu\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hu-hu\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\hu-hu\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\it-it\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\it-it\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\it-it\15⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ja-jp\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ja-jp\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ja-jp\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ko-kr\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ko-kr\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\ko-kr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nb-no\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nb-no\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nb-no\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nl-nl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nl-nl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nl-nl\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\pl-pl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\pl-pl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\pl-pl\15⤵
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\14⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ar-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ar-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ar-ae\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ca-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ca-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ca-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\cs-cz\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\cs-cz\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\cs-cz\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\da-dk\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\da-dk\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\da-dk\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\de-de\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\de-de\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\de-de\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-ae\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-ae\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-ae\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-gb\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-gb\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-gb\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\en-il\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\es-es\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\es-es\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\es-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\eu-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\eu-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\eu-es\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fi-fi\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fi-fi\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fi-fi\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-fr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-fr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-fr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-ma\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-ma\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\fr-ma\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\he-il\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\he-il\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\he-il\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hr-hr\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hr-hr\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hr-hr\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hu-hu\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hu-hu\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hu-hu\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\it-it\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\it-it\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\it-it\15⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ja-jp\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ja-jp\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ja-jp\15⤵
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\0.2.2\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\0.2.2\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\jquery.ui.touch-punch\0.2.2\14⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\2.1.15\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\2.1.15\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\2.1.15\14⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\12⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\images\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\images\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\images\14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\14⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\15⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ar-ae\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ar-ae\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ar-ae\16⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ca-es\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ca-es\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\ca-es\16⤵
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\13⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\css\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\css\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\css\14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\14⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\misc\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\misc\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\misc\12⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\versions\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\versions\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\versions\12⤵
-
-
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\7⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\8⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\8⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\9⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\ICU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\ICU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\ICU\10⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\10⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Adobe\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Adobe\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Adobe\11⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Mac\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Mac\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Mac\11⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\win\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\win\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\win\11⤵
-
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\7⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\8⤵
-
-
-
-
-
C:\Program Files (x86)\Common Files\System Restore.exe"C:\Program Files (x86)\Common Files\System Restore.exe" C:\Program Files (x86)\Common Files\5⤵
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Common Files\Adobe\update.exe"C:\Program Files (x86)\Common Files\Adobe\update.exe" C:\Program Files (x86)\Common Files\Adobe\6⤵
-
C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Acrobat\7⤵
- Drops file in Program Files directory
- System policy modification
-
-
C:\Program Files (x86)\Common Files\Adobe\ARM\backup.exe"C:\Program Files (x86)\Common Files\Adobe\ARM\backup.exe" C:\Program Files (x86)\Common Files\Adobe\ARM\7⤵
-
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\backup.exe"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\backup.exe" C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\8⤵
-
-
-
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\backup.exe"C:\Program Files (x86)\Common Files\Adobe\HelpCfg\backup.exe" C:\Program Files (x86)\Common Files\Adobe\HelpCfg\7⤵
-
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US\backup.exe"C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US\backup.exe" C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US\8⤵
-
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\7⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\update.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\update.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\8⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\9⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\10⤵
- System policy modification
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\data.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\data.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\10⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Adobe\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Adobe\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Adobe\11⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\11⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\12⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\13⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_CA\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_CA\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_CA\14⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_GB\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_GB\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_GB\14⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_US\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_US\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Abbreviations\en_US\14⤵
-
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\13⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_CA\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_CA\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_CA\14⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_GB\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_GB\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_GB\14⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_US\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_US\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_US\14⤵
-
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\13⤵
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_CA\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_CA\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_CA\14⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_GB\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_GB\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_GB\14⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_US\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_US\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_US\14⤵
-
-
-
-
-
-
-
-
-
-
C:\Program Files (x86)\Common Files\Java\backup.exe"C:\Program Files (x86)\Common Files\Java\backup.exe" C:\Program Files (x86)\Common Files\Java\6⤵
-
C:\Program Files (x86)\Common Files\Java\Java Update\backup.exe"C:\Program Files (x86)\Common Files\Java\Java Update\backup.exe" C:\Program Files (x86)\Common Files\Java\Java Update\7⤵
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\6⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\7⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\7⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\de-DE\data.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\de-DE\data.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\de-DE\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\en-US\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\en-US\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\en-US\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\es-ES\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\es-ES\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\es-ES\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\fr-FR\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\fr-FR\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\fr-FR\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\HWRCustomization\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\it-IT\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\it-IT\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\it-IT\8⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\ja-JP\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\ink\ja-JP\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\ink\ja-JP\8⤵
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\8⤵
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\en-US\8⤵
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\Stationery\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\Stationery\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\Stationery\7⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\en-US\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\en-US\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\en-US\8⤵
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\en-US\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\en-US\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\Triedit\en-US\8⤵
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VC\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VC\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VC\7⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\7⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\8⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\System Restore.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\System Restore.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\9⤵
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\8⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\9⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\9⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\9⤵
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\9⤵
-
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\7⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\8⤵
-
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\9⤵
-
-
-
-
-
C:\Program Files (x86)\Common Files\Oracle\backup.exe"C:\Program Files (x86)\Common Files\Oracle\backup.exe" C:\Program Files (x86)\Common Files\Oracle\6⤵
-
C:\Program Files (x86)\Common Files\Oracle\Java\backup.exe"C:\Program Files (x86)\Common Files\Oracle\Java\backup.exe" C:\Program Files (x86)\Common Files\Oracle\Java\7⤵
-
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\data.exe"C:\Program Files (x86)\Common Files\Oracle\Java\javapath\data.exe" C:\Program Files (x86)\Common Files\Oracle\Java\javapath\8⤵
-
-
-
-
C:\Program Files (x86)\Common Files\Services\backup.exe"C:\Program Files (x86)\Common Files\Services\backup.exe" C:\Program Files (x86)\Common Files\Services\6⤵
-
-
C:\Program Files (x86)\Common Files\System\backup.exe"C:\Program Files (x86)\Common Files\System\backup.exe" C:\Program Files (x86)\Common Files\System\6⤵
-
C:\Program Files (x86)\Common Files\System\ado\backup.exe"C:\Program Files (x86)\Common Files\System\ado\backup.exe" C:\Program Files (x86)\Common Files\System\ado\7⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\System\ado\de-DE\backup.exe"C:\Program Files (x86)\Common Files\System\ado\de-DE\backup.exe" C:\Program Files (x86)\Common Files\System\ado\de-DE\8⤵
-
-
C:\Program Files (x86)\Common Files\System\ado\en-US\backup.exe"C:\Program Files (x86)\Common Files\System\ado\en-US\backup.exe" C:\Program Files (x86)\Common Files\System\ado\en-US\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Common Files\System\ado\es-ES\backup.exe"C:\Program Files (x86)\Common Files\System\ado\es-ES\backup.exe" C:\Program Files (x86)\Common Files\System\ado\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Common Files\System\ado\fr-FR\backup.exe"C:\Program Files (x86)\Common Files\System\ado\fr-FR\backup.exe" C:\Program Files (x86)\Common Files\System\ado\fr-FR\8⤵
-
-
C:\Program Files (x86)\Common Files\System\ado\it-IT\backup.exe"C:\Program Files (x86)\Common Files\System\ado\it-IT\backup.exe" C:\Program Files (x86)\Common Files\System\ado\it-IT\8⤵
-
-
C:\Program Files (x86)\Common Files\System\ado\ja-JP\backup.exe"C:\Program Files (x86)\Common Files\System\ado\ja-JP\backup.exe" C:\Program Files (x86)\Common Files\System\ado\ja-JP\8⤵
-
-
-
C:\Program Files (x86)\Common Files\System\de-DE\backup.exe"C:\Program Files (x86)\Common Files\System\de-DE\backup.exe" C:\Program Files (x86)\Common Files\System\de-DE\7⤵
-
-
C:\Program Files (x86)\Common Files\System\en-US\backup.exe"C:\Program Files (x86)\Common Files\System\en-US\backup.exe" C:\Program Files (x86)\Common Files\System\en-US\7⤵
-
-
C:\Program Files (x86)\Common Files\System\es-ES\backup.exe"C:\Program Files (x86)\Common Files\System\es-ES\backup.exe" C:\Program Files (x86)\Common Files\System\es-ES\7⤵
-
-
C:\Program Files (x86)\Common Files\System\fr-FR\backup.exe"C:\Program Files (x86)\Common Files\System\fr-FR\backup.exe" C:\Program Files (x86)\Common Files\System\fr-FR\7⤵
-
-
C:\Program Files (x86)\Common Files\System\it-IT\backup.exe"C:\Program Files (x86)\Common Files\System\it-IT\backup.exe" C:\Program Files (x86)\Common Files\System\it-IT\7⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\7⤵
-
C:\Program Files (x86)\Common Files\System\msadc\de-DE\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\de-DE\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\de-DE\8⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\en-US\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\en-US\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\en-US\8⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\es-ES\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\es-ES\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\es-ES\8⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\fr-FR\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\fr-FR\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\fr-FR\8⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\it-IT\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\it-IT\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\it-IT\8⤵
-
-
C:\Program Files (x86)\Common Files\System\msadc\ja-JP\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\ja-JP\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\ja-JP\8⤵
-
-
-
C:\Program Files (x86)\Common Files\System\ja-JP\backup.exe"C:\Program Files (x86)\Common Files\System\ja-JP\backup.exe" C:\Program Files (x86)\Common Files\System\ja-JP\7⤵
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\System Restore.exe"C:\Program Files (x86)\Common Files\System\Ole DB\System Restore.exe" C:\Program Files (x86)\Common Files\System\Ole DB\7⤵
-
C:\Program Files (x86)\Common Files\System\Ole DB\de-DE\backup.exe"C:\Program Files (x86)\Common Files\System\Ole DB\de-DE\backup.exe" C:\Program Files (x86)\Common Files\System\Ole DB\de-DE\8⤵
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\en-US\update.exe"C:\Program Files (x86)\Common Files\System\Ole DB\en-US\update.exe" C:\Program Files (x86)\Common Files\System\Ole DB\en-US\8⤵
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\es-ES\data.exe"C:\Program Files (x86)\Common Files\System\Ole DB\es-ES\data.exe" C:\Program Files (x86)\Common Files\System\Ole DB\es-ES\8⤵
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\fr-FR\backup.exe"C:\Program Files (x86)\Common Files\System\Ole DB\fr-FR\backup.exe" C:\Program Files (x86)\Common Files\System\Ole DB\fr-FR\8⤵
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\it-IT\backup.exe"C:\Program Files (x86)\Common Files\System\Ole DB\it-IT\backup.exe" C:\Program Files (x86)\Common Files\System\Ole DB\it-IT\8⤵
-
-
C:\Program Files (x86)\Common Files\System\Ole DB\ja-JP\backup.exe"C:\Program Files (x86)\Common Files\System\Ole DB\ja-JP\backup.exe" C:\Program Files (x86)\Common Files\System\Ole DB\ja-JP\8⤵
-
-
-
-
-
C:\Program Files (x86)\Google\backup.exe"C:\Program Files (x86)\Google\backup.exe" C:\Program Files (x86)\Google\5⤵
-
C:\Program Files (x86)\Google\CrashReports\backup.exe"C:\Program Files (x86)\Google\CrashReports\backup.exe" C:\Program Files (x86)\Google\CrashReports\6⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
-
C:\Program Files (x86)\Google\Temp\backup.exe"C:\Program Files (x86)\Google\Temp\backup.exe" C:\Program Files (x86)\Google\Temp\6⤵
-
-
C:\Program Files (x86)\Google\Update\backup.exe"C:\Program Files (x86)\Google\Update\backup.exe" C:\Program Files (x86)\Google\Update\6⤵
-
C:\Program Files (x86)\Google\Update\1.3.36.151\backup.exe"C:\Program Files (x86)\Google\Update\1.3.36.151\backup.exe" C:\Program Files (x86)\Google\Update\1.3.36.151\7⤵
-
-
C:\Program Files (x86)\Google\Update\Download\backup.exe"C:\Program Files (x86)\Google\Update\Download\backup.exe" C:\Program Files (x86)\Google\Update\Download\7⤵
-
C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\backup.exe"C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\backup.exe" C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\8⤵
-
C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\106.0.5249.119\backup.exe"C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\106.0.5249.119\backup.exe" C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\106.0.5249.119\9⤵
-
-
-
-
C:\Program Files (x86)\Google\Update\Install\backup.exe"C:\Program Files (x86)\Google\Update\Install\backup.exe" C:\Program Files (x86)\Google\Update\Install\7⤵
-
C:\Program Files (x86)\Google\Update\Install\{18238221-87DD-468B-83D3-9DB71CA592AF}\data.exe"C:\Program Files (x86)\Google\Update\Install\{18238221-87DD-468B-83D3-9DB71CA592AF}\data.exe" C:\Program Files (x86)\Google\Update\Install\{18238221-87DD-468B-83D3-9DB71CA592AF}\8⤵
-
-
-
C:\Program Files (x86)\Google\Update\Offline\backup.exe"C:\Program Files (x86)\Google\Update\Offline\backup.exe" C:\Program Files (x86)\Google\Update\Offline\7⤵
-
-
-
-
C:\Program Files (x86)\Internet Explorer\backup.exe"C:\Program Files (x86)\Internet Explorer\backup.exe" C:\Program Files (x86)\Internet Explorer\5⤵
-
C:\Program Files (x86)\Internet Explorer\de-DE\backup.exe"C:\Program Files (x86)\Internet Explorer\de-DE\backup.exe" C:\Program Files (x86)\Internet Explorer\de-DE\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\en-US\backup.exe"C:\Program Files (x86)\Internet Explorer\en-US\backup.exe" C:\Program Files (x86)\Internet Explorer\en-US\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\es-ES\backup.exe"C:\Program Files (x86)\Internet Explorer\es-ES\backup.exe" C:\Program Files (x86)\Internet Explorer\es-ES\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\fr-FR\backup.exe"C:\Program Files (x86)\Internet Explorer\fr-FR\backup.exe" C:\Program Files (x86)\Internet Explorer\fr-FR\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\images\backup.exe"C:\Program Files (x86)\Internet Explorer\images\backup.exe" C:\Program Files (x86)\Internet Explorer\images\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Internet Explorer\it-IT\backup.exe"C:\Program Files (x86)\Internet Explorer\it-IT\backup.exe" C:\Program Files (x86)\Internet Explorer\it-IT\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\ja-JP\System Restore.exe"C:\Program Files (x86)\Internet Explorer\ja-JP\System Restore.exe" C:\Program Files (x86)\Internet Explorer\ja-JP\6⤵
-
-
C:\Program Files (x86)\Internet Explorer\SIGNUP\backup.exe"C:\Program Files (x86)\Internet Explorer\SIGNUP\backup.exe" C:\Program Files (x86)\Internet Explorer\SIGNUP\6⤵
-
-
-
C:\Program Files (x86)\Microsoft\data.exe"C:\Program Files (x86)\Microsoft\data.exe" C:\Program Files (x86)\Microsoft\5⤵
-
C:\Program Files (x86)\Microsoft\Edge\update.exe"C:\Program Files (x86)\Microsoft\Edge\update.exe" C:\Program Files (x86)\Microsoft\Edge\6⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\7⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\8⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\9⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x64\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x64\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x64\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x86\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x86\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\x86\10⤵
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Extensions\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Extensions\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Extensions\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_proxy\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_proxy\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_proxy\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MEIPreload\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MEIPreload\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MEIPreload\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MLModels\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MLModels\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\MLModels\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Notifications\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Notifications\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Notifications\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\9⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\10⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\win_x64\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\win_x64\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\win_x64\11⤵
-
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\9⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Extensions\update.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Extensions\update.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Extensions\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\identity_proxy\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\identity_proxy\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\identity_proxy\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MEIPreload\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MEIPreload\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MEIPreload\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Locales\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Locales\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Locales\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MLModels\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MLModels\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\MLModels\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Notifications\System Restore.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Notifications\System Restore.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Notifications\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\10⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Mu\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Mu\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Mu\11⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Sigma\update.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Sigma\update.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Trust Protection Lists\Sigma\11⤵
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\VisualElements\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\VisualElements\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\VisualElements\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\10⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\win_x64\System Restore.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\win_x64\System Restore.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\WidevineCdm\_platform_specific\win_x64\12⤵
-
-
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\swiftshader\data.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\swiftshader\data.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\swiftshader\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Trust Protection Lists\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Trust Protection Lists\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Trust Protection Lists\9⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Trust Protection Lists\Mu\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Trust Protection Lists\Mu\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Trust Protection Lists\Mu\10⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Trust Protection Lists\Sigma\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Trust Protection Lists\Sigma\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Trust Protection Lists\Sigma\10⤵
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\VisualElements\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\VisualElements\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\VisualElements\9⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\WidevineCdm\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\WidevineCdm\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\WidevineCdm\9⤵
- System policy modification
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\WidevineCdm\_platform_specific\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\WidevineCdm\_platform_specific\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\WidevineCdm\_platform_specific\10⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\WidevineCdm\_platform_specific\win_x64\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\WidevineCdm\_platform_specific\win_x64\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\WidevineCdm\_platform_specific\win_x64\11⤵
-
-
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\backup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\backup.exe" C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\8⤵
-
-
-
-
C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\backup.exe"C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\backup.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\6⤵
-
C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.177.11\backup.exe"C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.177.11\backup.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.177.11\7⤵
-
-
C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\backup.exe"C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\backup.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\7⤵
-
C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\backup.exe"C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\backup.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\8⤵
-
-
-
C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Install\System Restore.exe"C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Install\System Restore.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Install\7⤵
-
-
-
C:\Program Files (x86)\Microsoft\Temp\backup.exe"C:\Program Files (x86)\Microsoft\Temp\backup.exe" C:\Program Files (x86)\Microsoft\Temp\6⤵
-
-
-
C:\Program Files (x86)\Microsoft.NET\backup.exe"C:\Program Files (x86)\Microsoft.NET\backup.exe" C:\Program Files (x86)\Microsoft.NET\5⤵
-
C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\backup.exe"C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\backup.exe" C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\6⤵
-
-
C:\Program Files (x86)\Microsoft.NET\RedistList\backup.exe"C:\Program Files (x86)\Microsoft.NET\RedistList\backup.exe" C:\Program Files (x86)\Microsoft.NET\RedistList\6⤵
-
-
-
C:\Program Files (x86)\Mozilla Maintenance Service\backup.exe"C:\Program Files (x86)\Mozilla Maintenance Service\backup.exe" C:\Program Files (x86)\Mozilla Maintenance Service\5⤵
-
C:\Program Files (x86)\Mozilla Maintenance Service\logs\backup.exe"C:\Program Files (x86)\Mozilla Maintenance Service\logs\backup.exe" C:\Program Files (x86)\Mozilla Maintenance Service\logs\6⤵
-
-
-
C:\Program Files (x86)\MSBuild\backup.exe"C:\Program Files (x86)\MSBuild\backup.exe" C:\Program Files (x86)\MSBuild\5⤵
-
C:\Program Files (x86)\MSBuild\Microsoft\backup.exe"C:\Program Files (x86)\MSBuild\Microsoft\backup.exe" C:\Program Files (x86)\MSBuild\Microsoft\6⤵
-
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\backup.exe"C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\backup.exe" C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\7⤵
-
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\backup.exe"C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\backup.exe" C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\8⤵
-
-
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\backup.exe"C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\backup.exe" C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\8⤵
-
-
-
-
-
C:\Program Files (x86)\Reference Assemblies\backup.exe"C:\Program Files (x86)\Reference Assemblies\backup.exe" C:\Program Files (x86)\Reference Assemblies\5⤵
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\6⤵
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\7⤵
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\8⤵
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\de\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\de\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\de\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\es\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\es\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\es\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\it\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\it\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\it\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\fr\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\fr\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\fr\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ja\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ja\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ja\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\9⤵
-
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\8⤵
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\de\update.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\de\update.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\de\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\es\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\es\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\es\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\fr\data.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\fr\data.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\fr\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\it\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\it\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\it\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\ja\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\ja\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\ja\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\9⤵
-
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\9⤵
-
-
-
-
-
-
C:\Program Files (x86)\Windows Defender\backup.exe"C:\Program Files (x86)\Windows Defender\backup.exe" C:\Program Files (x86)\Windows Defender\5⤵
-
C:\Program Files (x86)\Windows Defender\es-ES\backup.exe"C:\Program Files (x86)\Windows Defender\es-ES\backup.exe" C:\Program Files (x86)\Windows Defender\es-ES\6⤵
-
-
C:\Program Files (x86)\Windows Defender\fr-FR\backup.exe"C:\Program Files (x86)\Windows Defender\fr-FR\backup.exe" C:\Program Files (x86)\Windows Defender\fr-FR\6⤵
-
-
C:\Program Files (x86)\Windows Defender\it-IT\backup.exe"C:\Program Files (x86)\Windows Defender\it-IT\backup.exe" C:\Program Files (x86)\Windows Defender\it-IT\6⤵
-
-
C:\Program Files (x86)\Windows Defender\ja-JP\backup.exe"C:\Program Files (x86)\Windows Defender\ja-JP\backup.exe" C:\Program Files (x86)\Windows Defender\ja-JP\6⤵
-
-
-
C:\Program Files (x86)\Windows Mail\backup.exe"C:\Program Files (x86)\Windows Mail\backup.exe" C:\Program Files (x86)\Windows Mail\5⤵
-
-
C:\Program Files (x86)\Windows Media Player\backup.exe"C:\Program Files (x86)\Windows Media Player\backup.exe" C:\Program Files (x86)\Windows Media Player\5⤵
-
C:\Program Files (x86)\Windows Media Player\de-DE\backup.exe"C:\Program Files (x86)\Windows Media Player\de-DE\backup.exe" C:\Program Files (x86)\Windows Media Player\de-DE\6⤵
-
-
C:\Program Files (x86)\Windows Media Player\en-US\backup.exe"C:\Program Files (x86)\Windows Media Player\en-US\backup.exe" C:\Program Files (x86)\Windows Media Player\en-US\6⤵
-
-
C:\Program Files (x86)\Windows Media Player\es-ES\backup.exe"C:\Program Files (x86)\Windows Media Player\es-ES\backup.exe" C:\Program Files (x86)\Windows Media Player\es-ES\6⤵
-
-
C:\Program Files (x86)\Windows Media Player\fr-FR\backup.exe"C:\Program Files (x86)\Windows Media Player\fr-FR\backup.exe" C:\Program Files (x86)\Windows Media Player\fr-FR\6⤵
-
-
C:\Program Files (x86)\Windows Media Player\it-IT\backup.exe"C:\Program Files (x86)\Windows Media Player\it-IT\backup.exe" C:\Program Files (x86)\Windows Media Player\it-IT\6⤵
-
-
C:\Program Files (x86)\Windows Media Player\ja-JP\backup.exe"C:\Program Files (x86)\Windows Media Player\ja-JP\backup.exe" C:\Program Files (x86)\Windows Media Player\ja-JP\6⤵
-
-
C:\Program Files (x86)\Windows Media Player\Media Renderer\backup.exe"C:\Program Files (x86)\Windows Media Player\Media Renderer\backup.exe" C:\Program Files (x86)\Windows Media Player\Media Renderer\6⤵
-
-
C:\Program Files (x86)\Windows Media Player\Network Sharing\backup.exe"C:\Program Files (x86)\Windows Media Player\Network Sharing\backup.exe" C:\Program Files (x86)\Windows Media Player\Network Sharing\6⤵
-
-
-
C:\Program Files (x86)\Windows Multimedia Platform\backup.exe"C:\Program Files (x86)\Windows Multimedia Platform\backup.exe" C:\Program Files (x86)\Windows Multimedia Platform\5⤵
-
-
C:\Program Files (x86)\Windows NT\System Restore.exe"C:\Program Files (x86)\Windows NT\System Restore.exe" C:\Program Files (x86)\Windows NT\5⤵
-
C:\Program Files (x86)\Windows NT\Accessories\backup.exe"C:\Program Files (x86)\Windows NT\Accessories\backup.exe" C:\Program Files (x86)\Windows NT\Accessories\6⤵
-
C:\Program Files (x86)\Windows NT\Accessories\en-US\backup.exe"C:\Program Files (x86)\Windows NT\Accessories\en-US\backup.exe" C:\Program Files (x86)\Windows NT\Accessories\en-US\7⤵
-
-
-
C:\Program Files (x86)\Windows NT\TableTextService\backup.exe"C:\Program Files (x86)\Windows NT\TableTextService\backup.exe" C:\Program Files (x86)\Windows NT\TableTextService\6⤵
-
C:\Program Files (x86)\Windows NT\TableTextService\en-US\backup.exe"C:\Program Files (x86)\Windows NT\TableTextService\en-US\backup.exe" C:\Program Files (x86)\Windows NT\TableTextService\en-US\7⤵
-
-
-
-
C:\Program Files (x86)\Windows Photo Viewer\backup.exe"C:\Program Files (x86)\Windows Photo Viewer\backup.exe" C:\Program Files (x86)\Windows Photo Viewer\5⤵
-
-
-
C:\Users\update.exeC:\Users\update.exe C:\Users\4⤵
-
C:\Users\Admin\backup.exeC:\Users\Admin\backup.exe C:\Users\Admin\5⤵
-
C:\Users\Admin\3D Objects\backup.exe"C:\Users\Admin\3D Objects\backup.exe" C:\Users\Admin\3D Objects\6⤵
-
-
C:\Users\Admin\Contacts\backup.exeC:\Users\Admin\Contacts\backup.exe C:\Users\Admin\Contacts\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Users\Admin\Desktop\backup.exeC:\Users\Admin\Desktop\backup.exe C:\Users\Admin\Desktop\6⤵
-
-
C:\Users\Admin\Documents\backup.exeC:\Users\Admin\Documents\backup.exe C:\Users\Admin\Documents\6⤵
-
C:\Users\Admin\Documents\OneNote Notebooks\backup.exe"C:\Users\Admin\Documents\OneNote Notebooks\backup.exe" C:\Users\Admin\Documents\OneNote Notebooks\7⤵
-
C:\Users\Admin\Documents\OneNote Notebooks\My Notebook\backup.exe"C:\Users\Admin\Documents\OneNote Notebooks\My Notebook\backup.exe" C:\Users\Admin\Documents\OneNote Notebooks\My Notebook\8⤵
-
-
-
-
C:\Users\Admin\Downloads\backup.exeC:\Users\Admin\Downloads\backup.exe C:\Users\Admin\Downloads\6⤵
-
-
C:\Users\Admin\Favorites\backup.exeC:\Users\Admin\Favorites\backup.exe C:\Users\Admin\Favorites\6⤵
-
-
C:\Users\Admin\Links\backup.exeC:\Users\Admin\Links\backup.exe C:\Users\Admin\Links\6⤵
-
-
C:\Users\Admin\Music\backup.exeC:\Users\Admin\Music\backup.exe C:\Users\Admin\Music\6⤵
-
-
C:\Users\Admin\OneDrive\backup.exeC:\Users\Admin\OneDrive\backup.exe C:\Users\Admin\OneDrive\6⤵
-
-
C:\Users\Admin\Pictures\System Restore.exe"C:\Users\Admin\Pictures\System Restore.exe" C:\Users\Admin\Pictures\6⤵
-
C:\Users\Admin\Pictures\Camera Roll\backup.exe"C:\Users\Admin\Pictures\Camera Roll\backup.exe" C:\Users\Admin\Pictures\Camera Roll\7⤵
-
-
C:\Users\Admin\Pictures\Saved Pictures\backup.exe"C:\Users\Admin\Pictures\Saved Pictures\backup.exe" C:\Users\Admin\Pictures\Saved Pictures\7⤵
-
-
-
C:\Users\Admin\Searches\backup.exeC:\Users\Admin\Searches\backup.exe C:\Users\Admin\Searches\6⤵
-
-
C:\Users\Admin\Saved Games\backup.exe"C:\Users\Admin\Saved Games\backup.exe" C:\Users\Admin\Saved Games\6⤵
-
-
C:\Users\Admin\Videos\backup.exeC:\Users\Admin\Videos\backup.exe C:\Users\Admin\Videos\6⤵
-
-
-
C:\Users\Public\backup.exeC:\Users\Public\backup.exe C:\Users\Public\5⤵
-
C:\Users\Public\Documents\backup.exeC:\Users\Public\Documents\backup.exe C:\Users\Public\Documents\6⤵
-
-
C:\Users\Public\Downloads\backup.exeC:\Users\Public\Downloads\backup.exe C:\Users\Public\Downloads\6⤵
-
-
C:\Users\Public\Music\backup.exeC:\Users\Public\Music\backup.exe C:\Users\Public\Music\6⤵
-
-
C:\Users\Public\Pictures\backup.exeC:\Users\Public\Pictures\backup.exe C:\Users\Public\Pictures\6⤵
-
-
C:\Users\Public\Videos\backup.exeC:\Users\Public\Videos\backup.exe C:\Users\Public\Videos\6⤵
-
-
-
-
C:\Windows\backup.exeC:\Windows\backup.exe C:\Windows\4⤵
- Modifies visibility of file extensions in Explorer
-
C:\Windows\addins\backup.exeC:\Windows\addins\backup.exe C:\Windows\addins\5⤵
-
-
C:\Windows\appcompat\backup.exeC:\Windows\appcompat\backup.exe C:\Windows\appcompat\5⤵
-
C:\Windows\appcompat\appraiser\backup.exeC:\Windows\appcompat\appraiser\backup.exe C:\Windows\appcompat\appraiser\6⤵
-
C:\Windows\appcompat\appraiser\Telemetry\backup.exeC:\Windows\appcompat\appraiser\Telemetry\backup.exe C:\Windows\appcompat\appraiser\Telemetry\7⤵
-
-
-
C:\Windows\appcompat\encapsulation\backup.exeC:\Windows\appcompat\encapsulation\backup.exe C:\Windows\appcompat\encapsulation\6⤵
-
-
C:\Windows\appcompat\Programs\backup.exeC:\Windows\appcompat\Programs\backup.exe C:\Windows\appcompat\Programs\6⤵
-
-
-
C:\Windows\apppatch\data.exeC:\Windows\apppatch\data.exe C:\Windows\apppatch\5⤵
-
C:\Windows\apppatch\AppPatch64\backup.exeC:\Windows\apppatch\AppPatch64\backup.exe C:\Windows\apppatch\AppPatch64\6⤵
-
-
C:\Windows\apppatch\Custom\backup.exeC:\Windows\apppatch\Custom\backup.exe C:\Windows\apppatch\Custom\6⤵
-
C:\Windows\apppatch\Custom\Custom64\backup.exeC:\Windows\apppatch\Custom\Custom64\backup.exe C:\Windows\apppatch\Custom\Custom64\7⤵
-
-
-
C:\Windows\apppatch\CustomSDB\backup.exeC:\Windows\apppatch\CustomSDB\backup.exe C:\Windows\apppatch\CustomSDB\6⤵
-
-
C:\Windows\apppatch\de-DE\System Restore.exe"C:\Windows\apppatch\de-DE\System Restore.exe" C:\Windows\apppatch\de-DE\6⤵
-
-
C:\Windows\apppatch\en-US\backup.exeC:\Windows\apppatch\en-US\backup.exe C:\Windows\apppatch\en-US\6⤵
-
-
C:\Windows\apppatch\es-ES\backup.exeC:\Windows\apppatch\es-ES\backup.exe C:\Windows\apppatch\es-ES\6⤵
-
-
C:\Windows\apppatch\fr-FR\backup.exeC:\Windows\apppatch\fr-FR\backup.exe C:\Windows\apppatch\fr-FR\6⤵
-
-
C:\Windows\apppatch\it-IT\backup.exeC:\Windows\apppatch\it-IT\backup.exe C:\Windows\apppatch\it-IT\6⤵
-
-
C:\Windows\apppatch\ja-JP\backup.exeC:\Windows\apppatch\ja-JP\backup.exe C:\Windows\apppatch\ja-JP\6⤵
-
-
-
C:\Windows\AppReadiness\backup.exeC:\Windows\AppReadiness\backup.exe C:\Windows\AppReadiness\5⤵
-
-
C:\Windows\assembly\backup.exeC:\Windows\assembly\backup.exe C:\Windows\assembly\5⤵
-
C:\Windows\assembly\GAC\backup.exeC:\Windows\assembly\GAC\backup.exe C:\Windows\assembly\GAC\6⤵
-
C:\Windows\assembly\GAC\ADODB\backup.exeC:\Windows\assembly\GAC\ADODB\backup.exe C:\Windows\assembly\GAC\ADODB\7⤵
-
C:\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC\Extensibility\backup.exeC:\Windows\assembly\GAC\Extensibility\backup.exe C:\Windows\assembly\GAC\Extensibility\7⤵
-
C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC\Microsoft.mshtml\backup.exeC:\Windows\assembly\GAC\Microsoft.mshtml\backup.exe C:\Windows\assembly\GAC\Microsoft.mshtml\7⤵
-
C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC\Microsoft.StdFormat\backup.exeC:\Windows\assembly\GAC\Microsoft.StdFormat\backup.exe C:\Windows\assembly\GAC\Microsoft.StdFormat\7⤵
-
C:\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC\mscomctl\backup.exeC:\Windows\assembly\GAC\mscomctl\backup.exe C:\Windows\assembly\GAC\mscomctl\7⤵
-
C:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC\MSDATASRC\backup.exeC:\Windows\assembly\GAC\MSDATASRC\backup.exe C:\Windows\assembly\GAC\MSDATASRC\7⤵
-
C:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC\stdole\data.exeC:\Windows\assembly\GAC\stdole\data.exe C:\Windows\assembly\GAC\stdole\7⤵
-
-
-
C:\Windows\assembly\GAC_32\backup.exeC:\Windows\assembly\GAC_32\backup.exe C:\Windows\assembly\GAC_32\6⤵
-
C:\Windows\assembly\GAC_32\CustomMarshalers\backup.exeC:\Windows\assembly\GAC_32\CustomMarshalers\backup.exe C:\Windows\assembly\GAC_32\CustomMarshalers\7⤵
-
C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_32\ISymWrapper\backup.exeC:\Windows\assembly\GAC_32\ISymWrapper\backup.exe C:\Windows\assembly\GAC_32\ISymWrapper\7⤵
-
C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_32\Microsoft.Ink\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Ink\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Ink\7⤵
-
C:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\7⤵
-
C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\7⤵
-
C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_32\MSBuild\backup.exeC:\Windows\assembly\GAC_32\MSBuild\backup.exe C:\Windows\assembly\GAC_32\MSBuild\7⤵
-
C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_32\mscorlib\backup.exeC:\Windows\assembly\GAC_32\mscorlib\backup.exe C:\Windows\assembly\GAC_32\mscorlib\7⤵
-
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\8⤵
-
-
C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\8⤵
-
-
-
C:\Windows\assembly\GAC_32\PresentationCore\System Restore.exe"C:\Windows\assembly\GAC_32\PresentationCore\System Restore.exe" C:\Windows\assembly\GAC_32\PresentationCore\7⤵
-
C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_32\srmlib\backup.exeC:\Windows\assembly\GAC_32\srmlib\backup.exe C:\Windows\assembly\GAC_32\srmlib\7⤵
-
C:\Windows\assembly\GAC_32\srmlib\1.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\srmlib\1.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\srmlib\1.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_32\System.Data\backup.exeC:\Windows\assembly\GAC_32\System.Data\backup.exe C:\Windows\assembly\GAC_32\System.Data\7⤵
-
C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_32\System.Data.OracleClient\backup.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient\backup.exe C:\Windows\assembly\GAC_32\System.Data.OracleClient\7⤵
-
C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_32\System.EnterpriseServices\backup.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices\backup.exe C:\Windows\assembly\GAC_32\System.EnterpriseServices\7⤵
-
C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_32\System.Printing\backup.exeC:\Windows\assembly\GAC_32\System.Printing\backup.exe C:\Windows\assembly\GAC_32\System.Printing\7⤵
-
C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_32\System.Transactions\backup.exeC:\Windows\assembly\GAC_32\System.Transactions\backup.exe C:\Windows\assembly\GAC_32\System.Transactions\7⤵
-
C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
-
C:\Windows\assembly\GAC_64\backup.exeC:\Windows\assembly\GAC_64\backup.exe C:\Windows\assembly\GAC_64\6⤵
-
C:\Windows\assembly\GAC_64\CustomMarshalers\backup.exeC:\Windows\assembly\GAC_64\CustomMarshalers\backup.exe C:\Windows\assembly\GAC_64\CustomMarshalers\7⤵
-
C:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_64\ISymWrapper\data.exeC:\Windows\assembly\GAC_64\ISymWrapper\data.exe C:\Windows\assembly\GAC_64\ISymWrapper\7⤵
-
C:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_64\Microsoft.Ink\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Ink\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Ink\7⤵
-
C:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\7⤵
-
C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\7⤵
-
-
C:\Windows\assembly\GAC_64\MSBuild\backup.exeC:\Windows\assembly\GAC_64\MSBuild\backup.exe C:\Windows\assembly\GAC_64\MSBuild\7⤵
-
C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_64\mscorlib\data.exeC:\Windows\assembly\GAC_64\mscorlib\data.exe C:\Windows\assembly\GAC_64\mscorlib\7⤵
-
C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_64\PresentationCore\backup.exeC:\Windows\assembly\GAC_64\PresentationCore\backup.exe C:\Windows\assembly\GAC_64\PresentationCore\7⤵
-
C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_64\srmlib\backup.exeC:\Windows\assembly\GAC_64\srmlib\backup.exe C:\Windows\assembly\GAC_64\srmlib\7⤵
-
C:\Windows\assembly\GAC_64\srmlib\1.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\srmlib\1.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\srmlib\1.0.0.0__31bf3856ad364e35\8⤵
-
-
-
C:\Windows\assembly\GAC_64\System.Data\backup.exeC:\Windows\assembly\GAC_64\System.Data\backup.exe C:\Windows\assembly\GAC_64\System.Data\7⤵
-
C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_64\System.Data.OracleClient\backup.exeC:\Windows\assembly\GAC_64\System.Data.OracleClient\backup.exe C:\Windows\assembly\GAC_64\System.Data.OracleClient\7⤵
-
C:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\8⤵
-
-
-
C:\Windows\assembly\GAC_64\System.EnterpriseServices\backup.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices\backup.exe C:\Windows\assembly\GAC_64\System.EnterpriseServices\7⤵
-
C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_64\System.Printing\backup.exeC:\Windows\assembly\GAC_64\System.Printing\backup.exe C:\Windows\assembly\GAC_64\System.Printing\7⤵
-
-
-
C:\Windows\assembly\GAC_MSIL\backup.exeC:\Windows\assembly\GAC_MSIL\backup.exe C:\Windows\assembly\GAC_MSIL\6⤵
-
C:\Windows\assembly\GAC_MSIL\Accessibility\backup.exeC:\Windows\assembly\GAC_MSIL\Accessibility\backup.exe C:\Windows\assembly\GAC_MSIL\Accessibility\7⤵
-
C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_MSIL\AspNetMMCExt\backup.exeC:\Windows\assembly\GAC_MSIL\AspNetMMCExt\backup.exe C:\Windows\assembly\GAC_MSIL\AspNetMMCExt\7⤵
-
C:\Windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\backup.exeC:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\backup.exe C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\7⤵
-
C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_de_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_de_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_de_b03f5f7f11d50a3a\8⤵
-
-
C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_es_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_es_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_es_b03f5f7f11d50a3a\8⤵
-
-
C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_fr_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_fr_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_fr_b03f5f7f11d50a3a\8⤵
-
-
C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_it_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_it_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_it_b03f5f7f11d50a3a\8⤵
-
-
C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_ja_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_ja_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\AspNetMMCExt.Resources\2.0.0.0_ja_b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_MSIL\ComSvcConfig\backup.exeC:\Windows\assembly\GAC_MSIL\ComSvcConfig\backup.exe C:\Windows\assembly\GAC_MSIL\ComSvcConfig\7⤵
-
C:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\data.exeC:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\data.exe C:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_MSIL\cscompmgd\backup.exeC:\Windows\assembly\GAC_MSIL\cscompmgd\backup.exe C:\Windows\assembly\GAC_MSIL\cscompmgd\7⤵
-
C:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_MSIL\dfsvc\backup.exeC:\Windows\assembly\GAC_MSIL\dfsvc\backup.exe C:\Windows\assembly\GAC_MSIL\dfsvc\7⤵
-
C:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\System Restore.exe"C:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\System Restore.exe" C:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_MSIL\IEExecRemote\data.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote\data.exe C:\Windows\assembly\GAC_MSIL\IEExecRemote\7⤵
-
C:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
C:\Windows\assembly\GAC_MSIL\IEHost\backup.exeC:\Windows\assembly\GAC_MSIL\IEHost\backup.exe C:\Windows\assembly\GAC_MSIL\IEHost\7⤵
-
C:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\8⤵
-
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\update.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\update.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\6⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\06e4ead630bb224419e9830affdafb8c\update.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\06e4ead630bb224419e9830affdafb8c\update.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\06e4ead630bb224419e9830affdafb8c\8⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0c5c095df94f2312c1107726858cffe2\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0c5c095df94f2312c1107726858cffe2\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0c5c095df94f2312c1107726858cffe2\8⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0db851c73d11018ad4b5a4d0d4be2e36\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0db851c73d11018ad4b5a4d0d4be2e36\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0db851c73d11018ad4b5a4d0d4be2e36\8⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a3a54d1c0d022e4ccf266b954fe01230\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a3a54d1c0d022e4ccf266b954fe01230\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a3a54d1c0d022e4ccf266b954fe01230\8⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f18ff42b17aa9990ee61ad0c4aea9b1c\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f18ff42b17aa9990ee61ad0c4aea9b1c\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f18ff42b17aa9990ee61ad0c4aea9b1c\8⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\7⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\73c6ae4303a31ae701dd97dcdda2523d\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\73c6ae4303a31ae701dd97dcdda2523d\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\73c6ae4303a31ae701dd97dcdda2523d\8⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\7⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\0c596f320c82d9ea5d0b5a6362a0750a\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\0c596f320c82d9ea5d0b5a6362a0750a\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\0c596f320c82d9ea5d0b5a6362a0750a\8⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ffc00a26ff38e37b47b2c75f92b48929\data.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ffc00a26ff38e37b47b2c75f92b48929\data.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ffc00a26ff38e37b47b2c75f92b48929\8⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\srmlib\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\srmlib\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\srmlib\7⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\srmlib\e7a3b638f7646fc8439936218d34b2b7\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\srmlib\e7a3b638f7646fc8439936218d34b2b7\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\srmlib\e7a3b638f7646fc8439936218d34b2b7\8⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System\7⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\6⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\7⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\3526cd5a741d8cbdf5fa48b7f6fe88d3\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\3526cd5a741d8cbdf5fa48b7f6fe88d3\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\3526cd5a741d8cbdf5fa48b7f6fe88d3\8⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\7⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\291910c52afc6a4c83bd042f709c7e57\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\291910c52afc6a4c83bd042f709c7e57\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\291910c52afc6a4c83bd042f709c7e57\8⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\47e786300d57b2248515da5569427c4e\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\47e786300d57b2248515da5569427c4e\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\47e786300d57b2248515da5569427c4e\8⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\83a3b8af1eee54050fa565ab6fc8e5d9\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\83a3b8af1eee54050fa565ab6fc8e5d9\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\83a3b8af1eee54050fa565ab6fc8e5d9\8⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b78cfccbd1eab27ca35b2ac67d102907\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b78cfccbd1eab27ca35b2ac67d102907\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b78cfccbd1eab27ca35b2ac67d102907\8⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f334dca9ae9dc06224e9b43875b3aa90\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f334dca9ae9dc06224e9b43875b3aa90\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f334dca9ae9dc06224e9b43875b3aa90\8⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\7⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\a58e7ee3da68f0652eb20fee5787ba4b\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\a58e7ee3da68f0652eb20fee5787ba4b\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\a58e7ee3da68f0652eb20fee5787ba4b\8⤵
-
-
-
-
C:\Windows\assembly\NativeImages_v4.0.30319_32\backup.exeC:\Windows\assembly\NativeImages_v4.0.30319_32\backup.exe C:\Windows\assembly\NativeImages_v4.0.30319_32\6⤵
-
C:\Windows\assembly\NativeImages_v4.0.30319_32\AuditPolicy42d3d2cc#\backup.exeC:\Windows\assembly\NativeImages_v4.0.30319_32\AuditPolicy42d3d2cc#\backup.exe C:\Windows\assembly\NativeImages_v4.0.30319_32\AuditPolicy42d3d2cc#\7⤵
-
C:\Windows\assembly\NativeImages_v4.0.30319_32\AuditPolicy42d3d2cc#\00194bf840ef92b2565b539f29704dc8\backup.exeC:\Windows\assembly\NativeImages_v4.0.30319_32\AuditPolicy42d3d2cc#\00194bf840ef92b2565b539f29704dc8\backup.exe C:\Windows\assembly\NativeImages_v4.0.30319_32\AuditPolicy42d3d2cc#\00194bf840ef92b2565b539f29704dc8\8⤵
-
-
-
C:\Windows\assembly\NativeImages_v4.0.30319_32\EventViewer\backup.exeC:\Windows\assembly\NativeImages_v4.0.30319_32\EventViewer\backup.exe C:\Windows\assembly\NativeImages_v4.0.30319_32\EventViewer\7⤵
-
C:\Windows\assembly\NativeImages_v4.0.30319_32\EventViewer\c4e350255dfdcb7457109e297b572b31\backup.exeC:\Windows\assembly\NativeImages_v4.0.30319_32\EventViewer\c4e350255dfdcb7457109e297b572b31\backup.exe C:\Windows\assembly\NativeImages_v4.0.30319_32\EventViewer\c4e350255dfdcb7457109e297b572b31\8⤵
-
-
-
-
C:\Windows\assembly\NativeImages_v4.0.30319_64\data.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\data.exe C:\Windows\assembly\NativeImages_v4.0.30319_64\6⤵
-
-
-
C:\Windows\bcastdvr\backup.exeC:\Windows\bcastdvr\backup.exe C:\Windows\bcastdvr\5⤵
-
-
C:\Windows\Branding\update.exeC:\Windows\Branding\update.exe C:\Windows\Branding\5⤵
-
C:\Windows\Branding\Basebrd\backup.exeC:\Windows\Branding\Basebrd\backup.exe C:\Windows\Branding\Basebrd\6⤵
-
C:\Windows\Branding\Basebrd\de-DE\backup.exeC:\Windows\Branding\Basebrd\de-DE\backup.exe C:\Windows\Branding\Basebrd\de-DE\7⤵
-
-
C:\Windows\Branding\Basebrd\en-US\backup.exeC:\Windows\Branding\Basebrd\en-US\backup.exe C:\Windows\Branding\Basebrd\en-US\7⤵
-
C:\Program Files (x86)\Windows Defender\de-DE\data.exe"C:\Program Files (x86)\Windows Defender\de-DE\data.exe" C:\Program Files (x86)\Windows Defender\de-DE\8⤵
-
-
-
C:\Windows\Branding\Basebrd\fr-FR\backup.exeC:\Windows\Branding\Basebrd\fr-FR\backup.exe C:\Windows\Branding\Basebrd\fr-FR\7⤵
-
-
C:\Windows\Branding\Basebrd\es-ES\backup.exeC:\Windows\Branding\Basebrd\es-ES\backup.exe C:\Windows\Branding\Basebrd\es-ES\7⤵
-
-
C:\Windows\Branding\Basebrd\it-IT\System Restore.exe"C:\Windows\Branding\Basebrd\it-IT\System Restore.exe" C:\Windows\Branding\Basebrd\it-IT\7⤵
-
-
C:\Windows\Branding\Basebrd\ja-JP\backup.exeC:\Windows\Branding\Basebrd\ja-JP\backup.exe C:\Windows\Branding\Basebrd\ja-JP\7⤵
-
-
-
C:\Windows\Branding\shellbrd\backup.exeC:\Windows\Branding\shellbrd\backup.exe C:\Windows\Branding\shellbrd\6⤵
-
-
-
C:\Windows\CbsTemp\backup.exeC:\Windows\CbsTemp\backup.exe C:\Windows\CbsTemp\5⤵
-
-
C:\Windows\Containers\backup.exeC:\Windows\Containers\backup.exe C:\Windows\Containers\5⤵
-
C:\Windows\Containers\serviced\backup.exeC:\Windows\Containers\serviced\backup.exe C:\Windows\Containers\serviced\6⤵
-
-
-
C:\Windows\Cursors\backup.exeC:\Windows\Cursors\backup.exe C:\Windows\Cursors\5⤵
-
-
C:\Windows\debug\backup.exeC:\Windows\debug\backup.exe C:\Windows\debug\5⤵
-
-
C:\Windows\de-DE\backup.exeC:\Windows\de-DE\backup.exe C:\Windows\de-DE\5⤵
-
-
C:\Windows\DiagTrack\update.exeC:\Windows\DiagTrack\update.exe C:\Windows\DiagTrack\5⤵
-
C:\Windows\DiagTrack\Settings\backup.exeC:\Windows\DiagTrack\Settings\backup.exe C:\Windows\DiagTrack\Settings\6⤵
-
-
C:\Windows\DiagTrack\Scenarios\backup.exeC:\Windows\DiagTrack\Scenarios\backup.exe C:\Windows\DiagTrack\Scenarios\6⤵
-
-
-
C:\Windows\DigitalLocker\backup.exeC:\Windows\DigitalLocker\backup.exe C:\Windows\DigitalLocker\5⤵
-
C:\Windows\DigitalLocker\en-US\backup.exeC:\Windows\DigitalLocker\en-US\backup.exe C:\Windows\DigitalLocker\en-US\6⤵
-
-
-
C:\Windows\en-US\backup.exeC:\Windows\en-US\backup.exe C:\Windows\en-US\5⤵
-
-
C:\Windows\es-ES\backup.exeC:\Windows\es-ES\backup.exe C:\Windows\es-ES\5⤵
-
-
C:\Windows\Fonts\backup.exeC:\Windows\Fonts\backup.exe C:\Windows\Fonts\5⤵
-
-
C:\Windows\fr-FR\backup.exeC:\Windows\fr-FR\backup.exe C:\Windows\fr-FR\5⤵
-
-
C:\Windows\GameBarPresenceWriter\backup.exeC:\Windows\GameBarPresenceWriter\backup.exe C:\Windows\GameBarPresenceWriter\5⤵
-
-
C:\Windows\Globalization\backup.exeC:\Windows\Globalization\backup.exe C:\Windows\Globalization\5⤵
-
C:\Windows\Globalization\ELS\data.exeC:\Windows\Globalization\ELS\data.exe C:\Windows\Globalization\ELS\6⤵
-
C:\Windows\Globalization\ELS\Transliteration\backup.exeC:\Windows\Globalization\ELS\Transliteration\backup.exe C:\Windows\Globalization\ELS\Transliteration\7⤵
-
-
-
C:\Windows\Globalization\ICU\backup.exeC:\Windows\Globalization\ICU\backup.exe C:\Windows\Globalization\ICU\6⤵
-
-
C:\Windows\Globalization\Sorting\backup.exeC:\Windows\Globalization\Sorting\backup.exe C:\Windows\Globalization\Sorting\6⤵
-
-
C:\Windows\Globalization\Time Zone\backup.exe"C:\Windows\Globalization\Time Zone\backup.exe" C:\Windows\Globalization\Time Zone\6⤵
-
-
-
C:\Windows\Help\backup.exeC:\Windows\Help\backup.exe C:\Windows\Help\5⤵
-
C:\Windows\Help\Corporate\backup.exeC:\Windows\Help\Corporate\backup.exe C:\Windows\Help\Corporate\6⤵
-
-
C:\Windows\Help\en-US\backup.exeC:\Windows\Help\en-US\backup.exe C:\Windows\Help\en-US\6⤵
-
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\2498452678\backup.exeC:\Users\Admin\AppData\Local\Temp\2498452678\backup.exe C:\Users\Admin\AppData\Local\Temp\2498452678\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\acrocef_low\data.exeC:\Users\Admin\AppData\Local\Temp\acrocef_low\data.exe C:\Users\Admin\AppData\Local\Temp\acrocef_low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Low\backup.exeC:\Users\Admin\AppData\Local\Temp\Low\backup.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exeC:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exe C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\OneNote\backup.exeC:\Users\Admin\AppData\Local\Temp\OneNote\backup.exe C:\Users\Admin\AppData\Local\Temp\OneNote\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\OneNote\16.0\backup.exeC:\Users\Admin\AppData\Local\Temp\OneNote\16.0\backup.exe C:\Users\Admin\AppData\Local\Temp\OneNote\16.0\3⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\OneNote\16.0\Exported\backup.exeC:\Users\Admin\AppData\Local\Temp\OneNote\16.0\Exported\backup.exe C:\Users\Admin\AppData\Local\Temp\OneNote\16.0\Exported\4⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\scoped_dir540_1722516930\backup.exeC:\Users\Admin\AppData\Local\Temp\scoped_dir540_1722516930\backup.exe C:\Users\Admin\AppData\Local\Temp\scoped_dir540_1722516930\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\scoped_dir540_1722516930\CRX_INSTALL\backup.exeC:\Users\Admin\AppData\Local\Temp\scoped_dir540_1722516930\CRX_INSTALL\backup.exe C:\Users\Admin\AppData\Local\Temp\scoped_dir540_1722516930\CRX_INSTALL\3⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Users\Admin\AppData\Local\Temp\scoped_dir540_544490825\backup.exeC:\Users\Admin\AppData\Local\Temp\scoped_dir540_544490825\backup.exe C:\Users\Admin\AppData\Local\Temp\scoped_dir540_544490825\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\scoped_dir540_544490825\CRX_INSTALL\backup.exeC:\Users\Admin\AppData\Local\Temp\scoped_dir540_544490825\CRX_INSTALL\backup.exe C:\Users\Admin\AppData\Local\Temp\scoped_dir540_544490825\CRX_INSTALL\3⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Windows\servicing\TrustedInstaller.exeC:\Windows\servicing\TrustedInstaller.exe1⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc1⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\1⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\2⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\cef\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\cef\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\cef\3⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\libs\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\libs\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\app\dev\libs\3⤵
-
-
-
C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\13.0.0.0__89845DCD8080CC91\backup.exe"C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\13.0.0.0__89845DCD8080CC91\backup.exe" C:\Program Files\Microsoft Office\Updates\Download\PackageFiles\2F83BD1D-C37E-49A4-8DFF-CE9E760C8D51\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.SPClient.Interfaces\13.0.0.0__89845DCD8080CC91\1⤵
-
C:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\1⤵
-
C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.177.11\backup.exe"C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.177.11\backup.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.177.11\1⤵
-
C:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
84KB
MD520a5f22dfdb602c5ad283902fe8ed8bd
SHA148121a1fae05d0fcc970335165c2be339cfac4bb
SHA25615a486478fca4b09fc52023b2f0f2034f239b9121c17a418b178d58e428d3d5b
SHA5126b6158373cc8b0444118abdf078f8b4879e5218c1ca57bbf214503fec555cf1ee256b02c1ce92b43d4f63dec77a8da97e768faeb188de32f9d27a25cd282a793
-
Filesize
84KB
MD520a5f22dfdb602c5ad283902fe8ed8bd
SHA148121a1fae05d0fcc970335165c2be339cfac4bb
SHA25615a486478fca4b09fc52023b2f0f2034f239b9121c17a418b178d58e428d3d5b
SHA5126b6158373cc8b0444118abdf078f8b4879e5218c1ca57bbf214503fec555cf1ee256b02c1ce92b43d4f63dec77a8da97e768faeb188de32f9d27a25cd282a793
-
Filesize
84KB
MD5c531f0d829334fa0296e799321908ff2
SHA158b2e820b9375141322cf33385a3c4ae6eeb5353
SHA256d22de0f59a47d9a933ebe03547bd43e2741ff2bd88951fd49343ffb3116eefb2
SHA512f6cc7a6cd7d0f569b86aaf64abad3934895e9cbdc03a39c23679b863e706b9540afa5e316012351d9bbd11c2172be8d27b9c193c2b264163f8b97ee8cb32b7fa
-
Filesize
84KB
MD5c531f0d829334fa0296e799321908ff2
SHA158b2e820b9375141322cf33385a3c4ae6eeb5353
SHA256d22de0f59a47d9a933ebe03547bd43e2741ff2bd88951fd49343ffb3116eefb2
SHA512f6cc7a6cd7d0f569b86aaf64abad3934895e9cbdc03a39c23679b863e706b9540afa5e316012351d9bbd11c2172be8d27b9c193c2b264163f8b97ee8cb32b7fa
-
Filesize
84KB
MD58bc4af6725ce84e9b226ebd5a8daf612
SHA12740846191c863088993975e6de14a44d451192b
SHA25686c326dea3218400580099123d208bb9d41b849a9fa71f65507dec3c4c04e880
SHA5121f2be4484d68e947efe7e1f1c90c13a1390a895d15bb281c1b52c1aa4f7bcf695d9667fee72ed786e7340a59baf07c94a6b96e8717b41c7cbd7ba1c07d51f247
-
Filesize
84KB
MD58bc4af6725ce84e9b226ebd5a8daf612
SHA12740846191c863088993975e6de14a44d451192b
SHA25686c326dea3218400580099123d208bb9d41b849a9fa71f65507dec3c4c04e880
SHA5121f2be4484d68e947efe7e1f1c90c13a1390a895d15bb281c1b52c1aa4f7bcf695d9667fee72ed786e7340a59baf07c94a6b96e8717b41c7cbd7ba1c07d51f247
-
Filesize
84KB
MD510bf85935af91a85bbbabab153e45030
SHA102ce1ac17cabef477bc0951e3c4eaa76fa99fec0
SHA256e2e937776bafedb968d054df1e561e012d7b232984a8634bb1df9d506e03d18f
SHA512a9f75cdad3d0808afe81f88554dcee5adea8497caac8f853d51cd750d60fe9ec375c69639acc52b8566020c2cf26b67ead3e1d05bcd4cd90e4195001d6e6c7fa
-
Filesize
84KB
MD510bf85935af91a85bbbabab153e45030
SHA102ce1ac17cabef477bc0951e3c4eaa76fa99fec0
SHA256e2e937776bafedb968d054df1e561e012d7b232984a8634bb1df9d506e03d18f
SHA512a9f75cdad3d0808afe81f88554dcee5adea8497caac8f853d51cd750d60fe9ec375c69639acc52b8566020c2cf26b67ead3e1d05bcd4cd90e4195001d6e6c7fa
-
Filesize
84KB
MD5e27d2cb467adead599f162f75a78326c
SHA1c6b4140b3440eeba1b927f9db8f420e09b8b2670
SHA256d37afd42f9a9c65a9f3216a9773a89085164bf631ee062bcb254a947e998c232
SHA512b9de1c6b48c01e509cd6e439d5b54791798f0cad47cacafe6e70ac54b40536280a75d2de775d93a7adc297a967c647829df2dfeb51076443b79713f0116ee12f
-
Filesize
84KB
MD5e27d2cb467adead599f162f75a78326c
SHA1c6b4140b3440eeba1b927f9db8f420e09b8b2670
SHA256d37afd42f9a9c65a9f3216a9773a89085164bf631ee062bcb254a947e998c232
SHA512b9de1c6b48c01e509cd6e439d5b54791798f0cad47cacafe6e70ac54b40536280a75d2de775d93a7adc297a967c647829df2dfeb51076443b79713f0116ee12f
-
Filesize
84KB
MD53c059edba65a34ee2c133e2fe5febc70
SHA1c294ed71188ab7a53f4fcdc7ace735abd8c6781d
SHA256b9cf2e1a30aab7c15e9baa7de81cbb322671606f7175f589b108a0250fc034b8
SHA512bd0c618282c1078bada00636b87739dd9b3042e4d0d6a94a749e599e7b05451e11deeaa21c0e32d6536b616846a7dfa77ce14c47eb372e75d86841a27edc0be6
-
Filesize
84KB
MD53c059edba65a34ee2c133e2fe5febc70
SHA1c294ed71188ab7a53f4fcdc7ace735abd8c6781d
SHA256b9cf2e1a30aab7c15e9baa7de81cbb322671606f7175f589b108a0250fc034b8
SHA512bd0c618282c1078bada00636b87739dd9b3042e4d0d6a94a749e599e7b05451e11deeaa21c0e32d6536b616846a7dfa77ce14c47eb372e75d86841a27edc0be6
-
Filesize
84KB
MD510bf85935af91a85bbbabab153e45030
SHA102ce1ac17cabef477bc0951e3c4eaa76fa99fec0
SHA256e2e937776bafedb968d054df1e561e012d7b232984a8634bb1df9d506e03d18f
SHA512a9f75cdad3d0808afe81f88554dcee5adea8497caac8f853d51cd750d60fe9ec375c69639acc52b8566020c2cf26b67ead3e1d05bcd4cd90e4195001d6e6c7fa
-
Filesize
84KB
MD510bf85935af91a85bbbabab153e45030
SHA102ce1ac17cabef477bc0951e3c4eaa76fa99fec0
SHA256e2e937776bafedb968d054df1e561e012d7b232984a8634bb1df9d506e03d18f
SHA512a9f75cdad3d0808afe81f88554dcee5adea8497caac8f853d51cd750d60fe9ec375c69639acc52b8566020c2cf26b67ead3e1d05bcd4cd90e4195001d6e6c7fa
-
Filesize
84KB
MD5e8d2b525cfa3a32603a4180b5df08ba8
SHA13bfb45c2bedd6bc2d8bd5a44f95167947e5a0aa4
SHA256011aae0ec23c564358af8834f995940ccb2c681f49b7f65ce01aed73e40c2e87
SHA5127cf9eba44b0dcf54a115a940e07e6f83fc8b347f466d8bb1a8e671b322422baa1e38f0174400f037d8f5e5af587bd3a413b674905f4dcd643ecbc4178d1c5061
-
Filesize
84KB
MD5e8d2b525cfa3a32603a4180b5df08ba8
SHA13bfb45c2bedd6bc2d8bd5a44f95167947e5a0aa4
SHA256011aae0ec23c564358af8834f995940ccb2c681f49b7f65ce01aed73e40c2e87
SHA5127cf9eba44b0dcf54a115a940e07e6f83fc8b347f466d8bb1a8e671b322422baa1e38f0174400f037d8f5e5af587bd3a413b674905f4dcd643ecbc4178d1c5061
-
Filesize
84KB
MD534add128513bf79cea180c52657b8862
SHA122b97baf60c2478589b468b836376464517489f0
SHA2561664c0f6f7ed22492314df8d1a504dcc5ff369eb7ca5325983df33cf403db2e8
SHA512610272d14166fe31c85eeac971498dc2aac1e4394d933b23e6ed0b673e61b299719b2c9c6a2eb20ea11ea4706f566d4f0b975869809d274823c9ac6412fe749e
-
Filesize
84KB
MD534add128513bf79cea180c52657b8862
SHA122b97baf60c2478589b468b836376464517489f0
SHA2561664c0f6f7ed22492314df8d1a504dcc5ff369eb7ca5325983df33cf403db2e8
SHA512610272d14166fe31c85eeac971498dc2aac1e4394d933b23e6ed0b673e61b299719b2c9c6a2eb20ea11ea4706f566d4f0b975869809d274823c9ac6412fe749e
-
Filesize
84KB
MD5e8d2b525cfa3a32603a4180b5df08ba8
SHA13bfb45c2bedd6bc2d8bd5a44f95167947e5a0aa4
SHA256011aae0ec23c564358af8834f995940ccb2c681f49b7f65ce01aed73e40c2e87
SHA5127cf9eba44b0dcf54a115a940e07e6f83fc8b347f466d8bb1a8e671b322422baa1e38f0174400f037d8f5e5af587bd3a413b674905f4dcd643ecbc4178d1c5061
-
Filesize
84KB
MD5e8d2b525cfa3a32603a4180b5df08ba8
SHA13bfb45c2bedd6bc2d8bd5a44f95167947e5a0aa4
SHA256011aae0ec23c564358af8834f995940ccb2c681f49b7f65ce01aed73e40c2e87
SHA5127cf9eba44b0dcf54a115a940e07e6f83fc8b347f466d8bb1a8e671b322422baa1e38f0174400f037d8f5e5af587bd3a413b674905f4dcd643ecbc4178d1c5061
-
Filesize
84KB
MD5e8d2b525cfa3a32603a4180b5df08ba8
SHA13bfb45c2bedd6bc2d8bd5a44f95167947e5a0aa4
SHA256011aae0ec23c564358af8834f995940ccb2c681f49b7f65ce01aed73e40c2e87
SHA5127cf9eba44b0dcf54a115a940e07e6f83fc8b347f466d8bb1a8e671b322422baa1e38f0174400f037d8f5e5af587bd3a413b674905f4dcd643ecbc4178d1c5061
-
Filesize
84KB
MD5e8d2b525cfa3a32603a4180b5df08ba8
SHA13bfb45c2bedd6bc2d8bd5a44f95167947e5a0aa4
SHA256011aae0ec23c564358af8834f995940ccb2c681f49b7f65ce01aed73e40c2e87
SHA5127cf9eba44b0dcf54a115a940e07e6f83fc8b347f466d8bb1a8e671b322422baa1e38f0174400f037d8f5e5af587bd3a413b674905f4dcd643ecbc4178d1c5061
-
Filesize
84KB
MD57ef0e0a8ba7f49e9cdaf8aa008f387f9
SHA18af4d6251764a22257977ed1c06dedac910695f1
SHA25609dfbcf29f684957126987a97f6d952175d3e2363604d6e1bd89f7363f8a4f37
SHA5127dad1b21d587ce81527a35be3d942f4b891f8c0b6d554d6feb7c21c1b528d8d129eb4c070fcdefc5414d61b0e3b43f84b1c4fd450a76fa0a8e77289e5222f6da
-
Filesize
84KB
MD57ef0e0a8ba7f49e9cdaf8aa008f387f9
SHA18af4d6251764a22257977ed1c06dedac910695f1
SHA25609dfbcf29f684957126987a97f6d952175d3e2363604d6e1bd89f7363f8a4f37
SHA5127dad1b21d587ce81527a35be3d942f4b891f8c0b6d554d6feb7c21c1b528d8d129eb4c070fcdefc5414d61b0e3b43f84b1c4fd450a76fa0a8e77289e5222f6da
-
Filesize
84KB
MD57ef0e0a8ba7f49e9cdaf8aa008f387f9
SHA18af4d6251764a22257977ed1c06dedac910695f1
SHA25609dfbcf29f684957126987a97f6d952175d3e2363604d6e1bd89f7363f8a4f37
SHA5127dad1b21d587ce81527a35be3d942f4b891f8c0b6d554d6feb7c21c1b528d8d129eb4c070fcdefc5414d61b0e3b43f84b1c4fd450a76fa0a8e77289e5222f6da
-
Filesize
84KB
MD57ef0e0a8ba7f49e9cdaf8aa008f387f9
SHA18af4d6251764a22257977ed1c06dedac910695f1
SHA25609dfbcf29f684957126987a97f6d952175d3e2363604d6e1bd89f7363f8a4f37
SHA5127dad1b21d587ce81527a35be3d942f4b891f8c0b6d554d6feb7c21c1b528d8d129eb4c070fcdefc5414d61b0e3b43f84b1c4fd450a76fa0a8e77289e5222f6da
-
Filesize
84KB
MD57ef0e0a8ba7f49e9cdaf8aa008f387f9
SHA18af4d6251764a22257977ed1c06dedac910695f1
SHA25609dfbcf29f684957126987a97f6d952175d3e2363604d6e1bd89f7363f8a4f37
SHA5127dad1b21d587ce81527a35be3d942f4b891f8c0b6d554d6feb7c21c1b528d8d129eb4c070fcdefc5414d61b0e3b43f84b1c4fd450a76fa0a8e77289e5222f6da
-
Filesize
84KB
MD57ef0e0a8ba7f49e9cdaf8aa008f387f9
SHA18af4d6251764a22257977ed1c06dedac910695f1
SHA25609dfbcf29f684957126987a97f6d952175d3e2363604d6e1bd89f7363f8a4f37
SHA5127dad1b21d587ce81527a35be3d942f4b891f8c0b6d554d6feb7c21c1b528d8d129eb4c070fcdefc5414d61b0e3b43f84b1c4fd450a76fa0a8e77289e5222f6da
-
Filesize
84KB
MD520a5f22dfdb602c5ad283902fe8ed8bd
SHA148121a1fae05d0fcc970335165c2be339cfac4bb
SHA25615a486478fca4b09fc52023b2f0f2034f239b9121c17a418b178d58e428d3d5b
SHA5126b6158373cc8b0444118abdf078f8b4879e5218c1ca57bbf214503fec555cf1ee256b02c1ce92b43d4f63dec77a8da97e768faeb188de32f9d27a25cd282a793
-
Filesize
84KB
MD520a5f22dfdb602c5ad283902fe8ed8bd
SHA148121a1fae05d0fcc970335165c2be339cfac4bb
SHA25615a486478fca4b09fc52023b2f0f2034f239b9121c17a418b178d58e428d3d5b
SHA5126b6158373cc8b0444118abdf078f8b4879e5218c1ca57bbf214503fec555cf1ee256b02c1ce92b43d4f63dec77a8da97e768faeb188de32f9d27a25cd282a793
-
Filesize
84KB
MD5d91a3e2b3c10435f6c6e2ec166dd66f4
SHA1258023343c61a20141b4a8f1662ef3b6abfbc158
SHA256a6ae0b46be8786bb5da1a60aa28aa6ebd79970750fb7bb0c0f9b2b5e4b467cd6
SHA512e9eaa14516d519708cd54e344f1d4671ceb7adc55f22e31045a7371ecfb4e7886e0b84a2bcfe811382fbde7cba2eb35d532c019a5d715fbcb0b341c58b752271
-
Filesize
84KB
MD5d91a3e2b3c10435f6c6e2ec166dd66f4
SHA1258023343c61a20141b4a8f1662ef3b6abfbc158
SHA256a6ae0b46be8786bb5da1a60aa28aa6ebd79970750fb7bb0c0f9b2b5e4b467cd6
SHA512e9eaa14516d519708cd54e344f1d4671ceb7adc55f22e31045a7371ecfb4e7886e0b84a2bcfe811382fbde7cba2eb35d532c019a5d715fbcb0b341c58b752271
-
Filesize
84KB
MD5d91a3e2b3c10435f6c6e2ec166dd66f4
SHA1258023343c61a20141b4a8f1662ef3b6abfbc158
SHA256a6ae0b46be8786bb5da1a60aa28aa6ebd79970750fb7bb0c0f9b2b5e4b467cd6
SHA512e9eaa14516d519708cd54e344f1d4671ceb7adc55f22e31045a7371ecfb4e7886e0b84a2bcfe811382fbde7cba2eb35d532c019a5d715fbcb0b341c58b752271
-
Filesize
84KB
MD553c382897381e996b905beed63c7eb24
SHA15d56a4a576674245062f7e5d4db1f22f9d0f9f37
SHA2569017525359e1fde24d5fa6bec72c551ffc40d8b13f062b0cd81d06deda83b4b5
SHA51269e567f225c149e1bff3fe5549ee8c6c598288293811dd61b8594861914805eb1c78277d361d9dad252d5d2de4c9c360fd79c643afb508f4635546483d89d5f5
-
Filesize
84KB
MD553c382897381e996b905beed63c7eb24
SHA15d56a4a576674245062f7e5d4db1f22f9d0f9f37
SHA2569017525359e1fde24d5fa6bec72c551ffc40d8b13f062b0cd81d06deda83b4b5
SHA51269e567f225c149e1bff3fe5549ee8c6c598288293811dd61b8594861914805eb1c78277d361d9dad252d5d2de4c9c360fd79c643afb508f4635546483d89d5f5
-
Filesize
84KB
MD553c382897381e996b905beed63c7eb24
SHA15d56a4a576674245062f7e5d4db1f22f9d0f9f37
SHA2569017525359e1fde24d5fa6bec72c551ffc40d8b13f062b0cd81d06deda83b4b5
SHA51269e567f225c149e1bff3fe5549ee8c6c598288293811dd61b8594861914805eb1c78277d361d9dad252d5d2de4c9c360fd79c643afb508f4635546483d89d5f5
-
Filesize
84KB
MD553c382897381e996b905beed63c7eb24
SHA15d56a4a576674245062f7e5d4db1f22f9d0f9f37
SHA2569017525359e1fde24d5fa6bec72c551ffc40d8b13f062b0cd81d06deda83b4b5
SHA51269e567f225c149e1bff3fe5549ee8c6c598288293811dd61b8594861914805eb1c78277d361d9dad252d5d2de4c9c360fd79c643afb508f4635546483d89d5f5
-
Filesize
84KB
MD5e377feee8b165f8168149c7ab8a0147f
SHA11470cea447017294e77311c00a73708907aaa80b
SHA256a94b97d9146c441e045f743eec62448ae85864b53ffa7dc379d3bd737982b4c6
SHA512a961e6c9dfc0ef434862c1598d4faa6784a227bfb4d1ac16eaeeb9e87b8bd2322de8a47d69f061d084032ca33fe35ddf594747c2abd71accbb372ba42f1caa30
-
Filesize
84KB
MD5e377feee8b165f8168149c7ab8a0147f
SHA11470cea447017294e77311c00a73708907aaa80b
SHA256a94b97d9146c441e045f743eec62448ae85864b53ffa7dc379d3bd737982b4c6
SHA512a961e6c9dfc0ef434862c1598d4faa6784a227bfb4d1ac16eaeeb9e87b8bd2322de8a47d69f061d084032ca33fe35ddf594747c2abd71accbb372ba42f1caa30
-
Filesize
84KB
MD5695d91cb062279d2cd2a8ea3aa2c56f1
SHA18cdc3a6c8ddf3c13e64dbe008ca479ba169aa75d
SHA256a51aa5f4069b0f39cdee196715ac898aa208504212f4a4dfb3d0d992d69447ac
SHA51293f5e0562c3fa137b5af4457fe7b330f0a53ca7f7f6ba7c7eaab061275636d9ada30c859476e72e7a62541076d2c0d49e34424e34511779874bcc4bac462940d
-
Filesize
84KB
MD5695d91cb062279d2cd2a8ea3aa2c56f1
SHA18cdc3a6c8ddf3c13e64dbe008ca479ba169aa75d
SHA256a51aa5f4069b0f39cdee196715ac898aa208504212f4a4dfb3d0d992d69447ac
SHA51293f5e0562c3fa137b5af4457fe7b330f0a53ca7f7f6ba7c7eaab061275636d9ada30c859476e72e7a62541076d2c0d49e34424e34511779874bcc4bac462940d
-
Filesize
84KB
MD59221e7666819c791d4789166ca13789c
SHA1d5d5c5331ffed0acbe7311e1b283f725d9c96036
SHA256d671daf503d358a61d62b17fc2a462f0f2dbab7c31e151a6f704be489f9f5ff3
SHA5120ea0f91d7990174387dce78b0583e051b3ee6c9dd251787ebf88eae975c7913540b12e455d5fb3351bee18854f12bc9e0b50e57beaa80ba01af81febfa80afac
-
Filesize
84KB
MD59221e7666819c791d4789166ca13789c
SHA1d5d5c5331ffed0acbe7311e1b283f725d9c96036
SHA256d671daf503d358a61d62b17fc2a462f0f2dbab7c31e151a6f704be489f9f5ff3
SHA5120ea0f91d7990174387dce78b0583e051b3ee6c9dd251787ebf88eae975c7913540b12e455d5fb3351bee18854f12bc9e0b50e57beaa80ba01af81febfa80afac
-
Filesize
84KB
MD5e377feee8b165f8168149c7ab8a0147f
SHA11470cea447017294e77311c00a73708907aaa80b
SHA256a94b97d9146c441e045f743eec62448ae85864b53ffa7dc379d3bd737982b4c6
SHA512a961e6c9dfc0ef434862c1598d4faa6784a227bfb4d1ac16eaeeb9e87b8bd2322de8a47d69f061d084032ca33fe35ddf594747c2abd71accbb372ba42f1caa30
-
Filesize
84KB
MD5e377feee8b165f8168149c7ab8a0147f
SHA11470cea447017294e77311c00a73708907aaa80b
SHA256a94b97d9146c441e045f743eec62448ae85864b53ffa7dc379d3bd737982b4c6
SHA512a961e6c9dfc0ef434862c1598d4faa6784a227bfb4d1ac16eaeeb9e87b8bd2322de8a47d69f061d084032ca33fe35ddf594747c2abd71accbb372ba42f1caa30
-
Filesize
84KB
MD553c382897381e996b905beed63c7eb24
SHA15d56a4a576674245062f7e5d4db1f22f9d0f9f37
SHA2569017525359e1fde24d5fa6bec72c551ffc40d8b13f062b0cd81d06deda83b4b5
SHA51269e567f225c149e1bff3fe5549ee8c6c598288293811dd61b8594861914805eb1c78277d361d9dad252d5d2de4c9c360fd79c643afb508f4635546483d89d5f5
-
Filesize
84KB
MD553c382897381e996b905beed63c7eb24
SHA15d56a4a576674245062f7e5d4db1f22f9d0f9f37
SHA2569017525359e1fde24d5fa6bec72c551ffc40d8b13f062b0cd81d06deda83b4b5
SHA51269e567f225c149e1bff3fe5549ee8c6c598288293811dd61b8594861914805eb1c78277d361d9dad252d5d2de4c9c360fd79c643afb508f4635546483d89d5f5
-
Filesize
84KB
MD553c382897381e996b905beed63c7eb24
SHA15d56a4a576674245062f7e5d4db1f22f9d0f9f37
SHA2569017525359e1fde24d5fa6bec72c551ffc40d8b13f062b0cd81d06deda83b4b5
SHA51269e567f225c149e1bff3fe5549ee8c6c598288293811dd61b8594861914805eb1c78277d361d9dad252d5d2de4c9c360fd79c643afb508f4635546483d89d5f5
-
Filesize
84KB
MD553c382897381e996b905beed63c7eb24
SHA15d56a4a576674245062f7e5d4db1f22f9d0f9f37
SHA2569017525359e1fde24d5fa6bec72c551ffc40d8b13f062b0cd81d06deda83b4b5
SHA51269e567f225c149e1bff3fe5549ee8c6c598288293811dd61b8594861914805eb1c78277d361d9dad252d5d2de4c9c360fd79c643afb508f4635546483d89d5f5
-
Filesize
84KB
MD5e377feee8b165f8168149c7ab8a0147f
SHA11470cea447017294e77311c00a73708907aaa80b
SHA256a94b97d9146c441e045f743eec62448ae85864b53ffa7dc379d3bd737982b4c6
SHA512a961e6c9dfc0ef434862c1598d4faa6784a227bfb4d1ac16eaeeb9e87b8bd2322de8a47d69f061d084032ca33fe35ddf594747c2abd71accbb372ba42f1caa30
-
Filesize
84KB
MD5e377feee8b165f8168149c7ab8a0147f
SHA11470cea447017294e77311c00a73708907aaa80b
SHA256a94b97d9146c441e045f743eec62448ae85864b53ffa7dc379d3bd737982b4c6
SHA512a961e6c9dfc0ef434862c1598d4faa6784a227bfb4d1ac16eaeeb9e87b8bd2322de8a47d69f061d084032ca33fe35ddf594747c2abd71accbb372ba42f1caa30
-
Filesize
84KB
MD54a6d68ae91916368986b42cc42054630
SHA1403644c2dcacda9cf32ee3611ab8320f5d92f18f
SHA256a0bb9bf61ad8704b8163241ec05d0827fe426b2f801e8008e2446d0e1c353f5e
SHA5129ca0dfd4fed167c2cf974dd1eb51ab943d4c73a6d32a7c141a0a38bad76fcb5472f845e28bcc9891004264296e60ed2c00cd549a7e847376739c9317e1bff6ce
-
Filesize
84KB
MD54a6d68ae91916368986b42cc42054630
SHA1403644c2dcacda9cf32ee3611ab8320f5d92f18f
SHA256a0bb9bf61ad8704b8163241ec05d0827fe426b2f801e8008e2446d0e1c353f5e
SHA5129ca0dfd4fed167c2cf974dd1eb51ab943d4c73a6d32a7c141a0a38bad76fcb5472f845e28bcc9891004264296e60ed2c00cd549a7e847376739c9317e1bff6ce
-
Filesize
84KB
MD5fe08fea1934cb4004375121b0ba9218a
SHA126f3b388c0eeaaf8c263d371c52814f817dba6b8
SHA25695cf4c5d6d926daeafb6eeea45215de7d4e24d8840ee7c3572a8160ba81341ed
SHA5121a2c8de758fd08fa7b7e61278e42d250ff761f84c35f1ffa708b0bdb7c901fca859d72c4fb0f1316532f234416fdcfd582f7992f5883bc919231cabefdc4b049
-
Filesize
84KB
MD5fe08fea1934cb4004375121b0ba9218a
SHA126f3b388c0eeaaf8c263d371c52814f817dba6b8
SHA25695cf4c5d6d926daeafb6eeea45215de7d4e24d8840ee7c3572a8160ba81341ed
SHA5121a2c8de758fd08fa7b7e61278e42d250ff761f84c35f1ffa708b0bdb7c901fca859d72c4fb0f1316532f234416fdcfd582f7992f5883bc919231cabefdc4b049
-
Filesize
84KB
MD5665574947ed5c0a66cc899d1fb62f83b
SHA1f0fc76a364b023286ef06cb0970335c95c711860
SHA256a746967eef1ad298ce682889546df237f6e2720b8b29f952890db8129662ae32
SHA51236fff1fb03961587e96300a840cc78677972773c1de46dc0bc173c9c34408ee8f981b0c1b79f5a2d765ad3d80e1724bf167098aeba9802a06c1a59b8cace220b
-
Filesize
84KB
MD5665574947ed5c0a66cc899d1fb62f83b
SHA1f0fc76a364b023286ef06cb0970335c95c711860
SHA256a746967eef1ad298ce682889546df237f6e2720b8b29f952890db8129662ae32
SHA51236fff1fb03961587e96300a840cc78677972773c1de46dc0bc173c9c34408ee8f981b0c1b79f5a2d765ad3d80e1724bf167098aeba9802a06c1a59b8cace220b
-
Filesize
84KB
MD593c1f8ab1f5c454cf5ba76c26d4a71b5
SHA17718793f9d52b2ec69beb16954041856b4d83978
SHA2566fc9dad903d2d3a66a568c84dc0246b4d7de18abd68b134a693d30093c0fc531
SHA512f4017cb776c762a6601e3ac84a3bd8626eb146482cc7f8b9579795b6a29b7381617dd62c980a70792cf2b9b93eed2c8120753941354715ef20af34bf7ff03dc6
-
Filesize
84KB
MD593c1f8ab1f5c454cf5ba76c26d4a71b5
SHA17718793f9d52b2ec69beb16954041856b4d83978
SHA2566fc9dad903d2d3a66a568c84dc0246b4d7de18abd68b134a693d30093c0fc531
SHA512f4017cb776c762a6601e3ac84a3bd8626eb146482cc7f8b9579795b6a29b7381617dd62c980a70792cf2b9b93eed2c8120753941354715ef20af34bf7ff03dc6
-
Filesize
22B
MD576cdb2bad9582d23c1f6f4d868218d6c
SHA1b04f3ee8f5e43fa3b162981b50bb72fe1acabb33
SHA2568739c76e681f900923b900c9df0ef75cf421d39cabb54650c4b9ad19b6a76d85
SHA5125e2f959f36b66df0580a94f384c5fc1ceeec4b2a3925f062d7b68f21758b86581ac2adcfdde73a171a28496e758ef1b23ca4951c05455cdae9357cc3b5a5825f
-
Filesize
30KB
MD573e58e2ecffc69d3a57a188a4508ef6c
SHA1daecef98d08fafb51a03409713236e1ad12e4ca5
SHA25633134bd66731a96a84413e7ca5a39f8b914872873d7e7bf069d47cb4beae40a3
SHA512cd12997e86ac7ac7700a6ed0428d0094bc09e3da46a95c273f0bd3404381e3c891c2cbd536958751a342115879b23add1178fb26b38c7d1720dc18453f3d0a41
-
Filesize
84KB
MD5d91a3e2b3c10435f6c6e2ec166dd66f4
SHA1258023343c61a20141b4a8f1662ef3b6abfbc158
SHA256a6ae0b46be8786bb5da1a60aa28aa6ebd79970750fb7bb0c0f9b2b5e4b467cd6
SHA512e9eaa14516d519708cd54e344f1d4671ceb7adc55f22e31045a7371ecfb4e7886e0b84a2bcfe811382fbde7cba2eb35d532c019a5d715fbcb0b341c58b752271
-
Filesize
84KB
MD5d91a3e2b3c10435f6c6e2ec166dd66f4
SHA1258023343c61a20141b4a8f1662ef3b6abfbc158
SHA256a6ae0b46be8786bb5da1a60aa28aa6ebd79970750fb7bb0c0f9b2b5e4b467cd6
SHA512e9eaa14516d519708cd54e344f1d4671ceb7adc55f22e31045a7371ecfb4e7886e0b84a2bcfe811382fbde7cba2eb35d532c019a5d715fbcb0b341c58b752271
-
Filesize
84KB
MD5c02e1e0a3c6d1722d5751f14c6ec7e55
SHA160cff9d7356ef1010736b021ddac444f1651b9d3
SHA256dae688e7e755eac1cec3908da5e755d9d562ccab8b047f39cfa58ba01b969945
SHA51299fce48c614bf6fee817109fe5dedc55229b1acb9190fc442eb14ed44aa7e888b6d710f632ca15f77919d0e242c01820c4373730c60b63abc414cb3ac4895983
-
Filesize
84KB
MD5c02e1e0a3c6d1722d5751f14c6ec7e55
SHA160cff9d7356ef1010736b021ddac444f1651b9d3
SHA256dae688e7e755eac1cec3908da5e755d9d562ccab8b047f39cfa58ba01b969945
SHA51299fce48c614bf6fee817109fe5dedc55229b1acb9190fc442eb14ed44aa7e888b6d710f632ca15f77919d0e242c01820c4373730c60b63abc414cb3ac4895983
-
Filesize
84KB
MD57f5630d7f34bfec0ae68d6f53acb2925
SHA1b86716620831ff31440dc4a49a42659f7b7f74b5
SHA256b12c8bd19562146d0c9ac8dd38b0aa6d17bc58cc1a34142f95a5cd02b42e40f7
SHA512272f17ffeacbb09d52299dd14c452d3e7efa69de132de5e95add020b99c31f5c92b4ebf86593dfc9160c6f89fcd74030cf51fba15cc0331f4c31a185432f4061
-
Filesize
84KB
MD57f5630d7f34bfec0ae68d6f53acb2925
SHA1b86716620831ff31440dc4a49a42659f7b7f74b5
SHA256b12c8bd19562146d0c9ac8dd38b0aa6d17bc58cc1a34142f95a5cd02b42e40f7
SHA512272f17ffeacbb09d52299dd14c452d3e7efa69de132de5e95add020b99c31f5c92b4ebf86593dfc9160c6f89fcd74030cf51fba15cc0331f4c31a185432f4061
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB
-
Filesize
112KB