Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
97s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
-
submitted
07/06/2024, 01:02
General
-
Target
71c71667cc54cc92d7be1e3e6017ea9229be71e4069c24b4d326ff2b5e405367.exe
-
Size
72KB
-
MD5
1d749aea49028f7b57a3f29e083e1307
-
SHA1
b6695ebd4d72a742fbf3af1441645f956d81c8fc
-
SHA256
71c71667cc54cc92d7be1e3e6017ea9229be71e4069c24b4d326ff2b5e405367
-
SHA512
47221474253890769ae8a1a2981eedbcb9605a30f7a3af07b044ab23ff69f860f80620d9dfb79819fe50217aecb689be9585028f4f1b59225bd3b27b9b2c7c9c
-
SSDEEP
384:y6wayA+1mwnA353BXR+oGfP5d/ZBHXME+l93qPAqee/w6yJ/wWD+S83BXR+oGf2G:ypQNwC3BEddsEqOt/hyJF+x3BEJwRrq
Score
10/10
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 64 IoCs
-
Disables RegEdit via registry modification 64 IoCs
-
Executes dropped EXE 64 IoCs
-
Loads dropped DLL 64 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\71c71667cc54cc92d7be1e3e6017ea9229be71e4069c24b4d326ff2b5e405367.exe"C:\Users\Admin\AppData\Local\Temp\71c71667cc54cc92d7be1e3e6017ea9229be71e4069c24b4d326ff2b5e405367.exe"1⤵
- Disables RegEdit via registry modification
- Loads dropped DLL
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\3707800951\backup.exeC:\Users\Admin\AppData\Local\Temp\3707800951\backup.exe C:\Users\Admin\AppData\Local\Temp\3707800951\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\backup.exe\backup.exe \3⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\backup.exeC:\PerfLogs\backup.exe C:\PerfLogs\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\Admin\backup.exeC:\PerfLogs\Admin\backup.exe C:\PerfLogs\Admin\5⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\backup.exe"C:\Program Files\backup.exe" C:\Program Files\4⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\7-Zip\backup.exe"C:\Program Files\7-Zip\backup.exe" C:\Program Files\7-Zip\5⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\7-Zip\Lang\backup.exe"C:\Program Files\7-Zip\Lang\backup.exe" C:\Program Files\7-Zip\Lang\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\backup.exe"C:\Program Files\Common Files\Microsoft Shared\backup.exe" C:\Program Files\Common Files\Microsoft Shared\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Filters\7⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\en-US\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\8⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\9⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\9⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\9⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\data.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\data.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\8⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\update.exe"C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\update.exe" C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\8⤵
- System policy modification
-
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\7⤵
- Drops file in Program Files directory
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\update.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\update.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\update.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\update.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\data.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\data.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\7⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\8⤵
- Disables RegEdit via registry modification
-
-
-
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Stationery\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\es-ES\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\fr-FR\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\it-IT\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\ja-JP\8⤵
- System policy modification
-
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\7⤵
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\de-DE\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\en-US\data.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\en-US\data.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\en-US\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\fr-FR\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\it-IT\update.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\it-IT\update.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\it-IT\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\ja-JP\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
-
C:\Program Files\Common Files\Microsoft Shared\VC\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\VC\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\VC\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\VGX\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VGX\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VGX\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\VSTO\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VSTO\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VSTO\7⤵
-
C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\8⤵
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\update.exe"C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\update.exe" C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\9⤵
- Modifies visibility of file extensions in Explorer
-
-
-
-
-
C:\Program Files\Common Files\Services\backup.exe"C:\Program Files\Common Files\Services\backup.exe" C:\Program Files\Common Files\Services\6⤵
-
-
C:\Program Files\Common Files\SpeechEngines\data.exe"C:\Program Files\Common Files\SpeechEngines\data.exe" C:\Program Files\Common Files\SpeechEngines\6⤵
- Drops file in Program Files directory
-
C:\Program Files\Common Files\SpeechEngines\Microsoft\update.exe"C:\Program Files\Common Files\SpeechEngines\Microsoft\update.exe" C:\Program Files\Common Files\SpeechEngines\Microsoft\7⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files\Common Files\System\backup.exe"C:\Program Files\Common Files\System\backup.exe" C:\Program Files\Common Files\System\6⤵
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\System\ado\backup.exe"C:\Program Files\Common Files\System\ado\backup.exe" C:\Program Files\Common Files\System\ado\7⤵
- Drops file in Program Files directory
-
C:\Program Files\Common Files\System\ado\de-DE\backup.exe"C:\Program Files\Common Files\System\ado\de-DE\backup.exe" C:\Program Files\Common Files\System\ado\de-DE\8⤵
-
-
C:\Program Files\Common Files\System\ado\en-US\System Restore.exe"C:\Program Files\Common Files\System\ado\en-US\System Restore.exe" C:\Program Files\Common Files\System\ado\en-US\8⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\System\ado\es-ES\backup.exe"C:\Program Files\Common Files\System\ado\es-ES\backup.exe" C:\Program Files\Common Files\System\ado\es-ES\8⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\System\ado\fr-FR\backup.exe"C:\Program Files\Common Files\System\ado\fr-FR\backup.exe" C:\Program Files\Common Files\System\ado\fr-FR\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\System\ado\it-IT\backup.exe"C:\Program Files\Common Files\System\ado\it-IT\backup.exe" C:\Program Files\Common Files\System\ado\it-IT\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\System\ado\ja-JP\backup.exe"C:\Program Files\Common Files\System\ado\ja-JP\backup.exe" C:\Program Files\Common Files\System\ado\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\System\de-DE\backup.exe"C:\Program Files\Common Files\System\de-DE\backup.exe" C:\Program Files\Common Files\System\de-DE\7⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Common Files\System\en-US\backup.exe"C:\Program Files\Common Files\System\en-US\backup.exe" C:\Program Files\Common Files\System\en-US\7⤵
-
-
C:\Program Files\Common Files\System\es-ES\backup.exe"C:\Program Files\Common Files\System\es-ES\backup.exe" C:\Program Files\Common Files\System\es-ES\7⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\System\fr-FR\backup.exe"C:\Program Files\Common Files\System\fr-FR\backup.exe" C:\Program Files\Common Files\System\fr-FR\7⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Common Files\System\it-IT\backup.exe"C:\Program Files\Common Files\System\it-IT\backup.exe" C:\Program Files\Common Files\System\it-IT\7⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\System\ja-JP\backup.exe"C:\Program Files\Common Files\System\ja-JP\backup.exe" C:\Program Files\Common Files\System\ja-JP\7⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\System\msadc\backup.exe"C:\Program Files\Common Files\System\msadc\backup.exe" C:\Program Files\Common Files\System\msadc\7⤵
- Disables RegEdit via registry modification
- Drops file in Program Files directory
-
C:\Program Files\Common Files\System\msadc\de-DE\backup.exe"C:\Program Files\Common Files\System\msadc\de-DE\backup.exe" C:\Program Files\Common Files\System\msadc\de-DE\8⤵
-
-
C:\Program Files\Common Files\System\msadc\en-US\backup.exe"C:\Program Files\Common Files\System\msadc\en-US\backup.exe" C:\Program Files\Common Files\System\msadc\en-US\8⤵
-
-
C:\Program Files\Common Files\System\msadc\es-ES\System Restore.exe"C:\Program Files\Common Files\System\msadc\es-ES\System Restore.exe" C:\Program Files\Common Files\System\msadc\es-ES\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\System\msadc\fr-FR\backup.exe"C:\Program Files\Common Files\System\msadc\fr-FR\backup.exe" C:\Program Files\Common Files\System\msadc\fr-FR\8⤵
-
-
C:\Program Files\Common Files\System\msadc\it-IT\backup.exe"C:\Program Files\Common Files\System\msadc\it-IT\backup.exe" C:\Program Files\Common Files\System\msadc\it-IT\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\System\msadc\ja-JP\backup.exe"C:\Program Files\Common Files\System\msadc\ja-JP\backup.exe" C:\Program Files\Common Files\System\msadc\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\System\Ole DB\backup.exe"C:\Program Files\Common Files\System\Ole DB\backup.exe" C:\Program Files\Common Files\System\Ole DB\7⤵
- Drops file in Program Files directory
-
C:\Program Files\Common Files\System\Ole DB\de-DE\update.exe"C:\Program Files\Common Files\System\Ole DB\de-DE\update.exe" C:\Program Files\Common Files\System\Ole DB\de-DE\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\en-US\backup.exe"C:\Program Files\Common Files\System\Ole DB\en-US\backup.exe" C:\Program Files\Common Files\System\Ole DB\en-US\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\System\Ole DB\es-ES\backup.exe"C:\Program Files\Common Files\System\Ole DB\es-ES\backup.exe" C:\Program Files\Common Files\System\Ole DB\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\System\Ole DB\fr-FR\backup.exe"C:\Program Files\Common Files\System\Ole DB\fr-FR\backup.exe" C:\Program Files\Common Files\System\Ole DB\fr-FR\8⤵
-
-
C:\Program Files\Common Files\System\Ole DB\it-IT\backup.exe"C:\Program Files\Common Files\System\Ole DB\it-IT\backup.exe" C:\Program Files\Common Files\System\Ole DB\it-IT\8⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Common Files\System\Ole DB\ja-JP\backup.exe"C:\Program Files\Common Files\System\Ole DB\ja-JP\backup.exe" C:\Program Files\Common Files\System\Ole DB\ja-JP\8⤵
-
-
-
-
-
C:\Program Files\DVD Maker\backup.exe"C:\Program Files\DVD Maker\backup.exe" C:\Program Files\DVD Maker\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
-
C:\Program Files\DVD Maker\de-DE\backup.exe"C:\Program Files\DVD Maker\de-DE\backup.exe" C:\Program Files\DVD Maker\de-DE\6⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\DVD Maker\en-US\backup.exe"C:\Program Files\DVD Maker\en-US\backup.exe" C:\Program Files\DVD Maker\en-US\6⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\DVD Maker\es-ES\backup.exe"C:\Program Files\DVD Maker\es-ES\backup.exe" C:\Program Files\DVD Maker\es-ES\6⤵
- System policy modification
-
-
C:\Program Files\DVD Maker\fr-FR\backup.exe"C:\Program Files\DVD Maker\fr-FR\backup.exe" C:\Program Files\DVD Maker\fr-FR\6⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\DVD Maker\it-IT\backup.exe"C:\Program Files\DVD Maker\it-IT\backup.exe" C:\Program Files\DVD Maker\it-IT\6⤵
-
-
C:\Program Files\DVD Maker\ja-JP\backup.exe"C:\Program Files\DVD Maker\ja-JP\backup.exe" C:\Program Files\DVD Maker\ja-JP\6⤵
-
-
C:\Program Files\DVD Maker\Shared\backup.exe"C:\Program Files\DVD Maker\Shared\backup.exe" C:\Program Files\DVD Maker\Shared\6⤵
- System policy modification
-
C:\Program Files\DVD Maker\Shared\DvdStyles\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\7⤵
- Drops file in Program Files directory
-
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Full\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Full\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\8⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\8⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\System Restore.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\System Restore.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\8⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\8⤵
- System policy modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Push\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Push\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\8⤵
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\update.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\update.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\8⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\8⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\8⤵
- Modifies visibility of file extensions in Explorer
-
-
-
-
-
C:\Program Files\Google\backup.exe"C:\Program Files\Google\backup.exe" C:\Program Files\Google\5⤵
-
C:\Program Files\Google\Chrome\backup.exe"C:\Program Files\Google\Chrome\backup.exe" C:\Program Files\Google\Chrome\6⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Google\Chrome\Application\backup.exe"C:\Program Files\Google\Chrome\Application\backup.exe" C:\Program Files\Google\Chrome\Application\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\default_apps\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\default_apps\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\default_apps\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Extensions\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Extensions\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\Extensions\9⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\9⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\9⤵
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\9⤵
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\9⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\10⤵
- Disables RegEdit via registry modification
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\backup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\backup.exe" C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\11⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
-
-
-
C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe"C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe" C:\Program Files\Google\Chrome\Application\SetupMetrics\8⤵
-
-
-
-
-
C:\Program Files\Internet Explorer\backup.exe"C:\Program Files\Internet Explorer\backup.exe" C:\Program Files\Internet Explorer\5⤵
- Drops file in Program Files directory
-
C:\Program Files\Internet Explorer\de-DE\backup.exe"C:\Program Files\Internet Explorer\de-DE\backup.exe" C:\Program Files\Internet Explorer\de-DE\6⤵
- System policy modification
-
-
C:\Program Files\Internet Explorer\en-US\backup.exe"C:\Program Files\Internet Explorer\en-US\backup.exe" C:\Program Files\Internet Explorer\en-US\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Internet Explorer\es-ES\backup.exe"C:\Program Files\Internet Explorer\es-ES\backup.exe" C:\Program Files\Internet Explorer\es-ES\6⤵
-
-
C:\Program Files\Internet Explorer\fr-FR\backup.exe"C:\Program Files\Internet Explorer\fr-FR\backup.exe" C:\Program Files\Internet Explorer\fr-FR\6⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Internet Explorer\images\backup.exe"C:\Program Files\Internet Explorer\images\backup.exe" C:\Program Files\Internet Explorer\images\6⤵
- System policy modification
-
-
C:\Program Files\Internet Explorer\it-IT\backup.exe"C:\Program Files\Internet Explorer\it-IT\backup.exe" C:\Program Files\Internet Explorer\it-IT\6⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Internet Explorer\ja-JP\backup.exe"C:\Program Files\Internet Explorer\ja-JP\backup.exe" C:\Program Files\Internet Explorer\ja-JP\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Internet Explorer\SIGNUP\backup.exe"C:\Program Files\Internet Explorer\SIGNUP\backup.exe" C:\Program Files\Internet Explorer\SIGNUP\6⤵
- Disables RegEdit via registry modification
-
-
-
C:\Program Files\Java\backup.exe"C:\Program Files\Java\backup.exe" C:\Program Files\Java\5⤵
-
C:\Program Files\Java\jdk1.7.0_80\backup.exe"C:\Program Files\Java\jdk1.7.0_80\backup.exe" C:\Program Files\Java\jdk1.7.0_80\6⤵
- System policy modification
-
C:\Program Files\Java\jdk1.7.0_80\bin\backup.exe"C:\Program Files\Java\jdk1.7.0_80\bin\backup.exe" C:\Program Files\Java\jdk1.7.0_80\bin\7⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Java\jdk1.7.0_80\db\backup.exe"C:\Program Files\Java\jdk1.7.0_80\db\backup.exe" C:\Program Files\Java\jdk1.7.0_80\db\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\db\bin\backup.exe"C:\Program Files\Java\jdk1.7.0_80\db\bin\backup.exe" C:\Program Files\Java\jdk1.7.0_80\db\bin\8⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Java\jdk1.7.0_80\db\lib\backup.exe"C:\Program Files\Java\jdk1.7.0_80\db\lib\backup.exe" C:\Program Files\Java\jdk1.7.0_80\db\lib\8⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\include\backup.exe"C:\Program Files\Java\jdk1.7.0_80\include\backup.exe" C:\Program Files\Java\jdk1.7.0_80\include\7⤵
-
C:\Program Files\Java\jdk1.7.0_80\include\win32\backup.exe"C:\Program Files\Java\jdk1.7.0_80\include\win32\backup.exe" C:\Program Files\Java\jdk1.7.0_80\include\win32\8⤵
- System policy modification
-
C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\backup.exe"C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\backup.exe" C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\9⤵
-
-
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\7⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\jre\bin\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\bin\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\bin\8⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\update.exe"C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\update.exe" C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\9⤵
- System policy modification
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\9⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\9⤵
- System policy modification
-
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\8⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\9⤵
- System policy modification
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\applet\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\applet\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\applet\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\9⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\data.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\data.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\9⤵
- Disables RegEdit via registry modification
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\10⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\System Restore.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\System Restore.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\9⤵
- System policy modification
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\10⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\10⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\11⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\11⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\11⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\11⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\data.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\data.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\data.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\data.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\backup.exe"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\backup.exe" C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\10⤵
-
-
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\7⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\8⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\9⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\10⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\9⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\9⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\10⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\11⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\11⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\data.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\data.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\11⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\11⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\System Restore.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\System Restore.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\11⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\11⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\11⤵
-
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\9⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\System Restore.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\System Restore.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\11⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\12⤵
-
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\data.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\data.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\11⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\12⤵
-
-
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\9⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\11⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\12⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\13⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\13⤵
-
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\11⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\data.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\data.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\11⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\11⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\11⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\11⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\11⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\11⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\11⤵
-
-
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\8⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\9⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\10⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\11⤵
-
-
-
-
-
-
-
-
C:\Program Files\Windows Defender\backup.exe"C:\Program Files\Windows Defender\backup.exe" C:\Program Files\Windows Defender\5⤵
-
C:\Program Files\Windows Defender\es-ES\backup.exe"C:\Program Files\Windows Defender\es-ES\backup.exe" C:\Program Files\Windows Defender\es-ES\6⤵
-
-
C:\Program Files\Windows Defender\fr-FR\backup.exe"C:\Program Files\Windows Defender\fr-FR\backup.exe" C:\Program Files\Windows Defender\fr-FR\6⤵
-
-
C:\Program Files\Windows Defender\it-IT\backup.exe"C:\Program Files\Windows Defender\it-IT\backup.exe" C:\Program Files\Windows Defender\it-IT\6⤵
-
-
C:\Program Files\Windows Defender\ja-JP\backup.exe"C:\Program Files\Windows Defender\ja-JP\backup.exe" C:\Program Files\Windows Defender\ja-JP\6⤵
-
-
-
C:\Program Files\Windows Journal\backup.exe"C:\Program Files\Windows Journal\backup.exe" C:\Program Files\Windows Journal\5⤵
-
C:\Program Files\Windows Journal\es-ES\System Restore.exe"C:\Program Files\Windows Journal\es-ES\System Restore.exe" C:\Program Files\Windows Journal\es-ES\6⤵
-
-
C:\Program Files\Windows Journal\it-IT\data.exe"C:\Program Files\Windows Journal\it-IT\data.exe" C:\Program Files\Windows Journal\it-IT\6⤵
-
-
C:\Program Files\Windows Journal\ja-JP\backup.exe"C:\Program Files\Windows Journal\ja-JP\backup.exe" C:\Program Files\Windows Journal\ja-JP\6⤵
-
-
C:\Program Files\Windows Journal\Templates\backup.exe"C:\Program Files\Windows Journal\Templates\backup.exe" C:\Program Files\Windows Journal\Templates\6⤵
-
-
-
C:\Program Files\Windows Media Player\backup.exe"C:\Program Files\Windows Media Player\backup.exe" C:\Program Files\Windows Media Player\5⤵
-
C:\Program Files\Windows Media Player\es-ES\backup.exe"C:\Program Files\Windows Media Player\es-ES\backup.exe" C:\Program Files\Windows Media Player\es-ES\6⤵
-
-
C:\Program Files\Windows Media Player\fr-FR\backup.exe"C:\Program Files\Windows Media Player\fr-FR\backup.exe" C:\Program Files\Windows Media Player\fr-FR\6⤵
-
-
C:\Program Files\Windows Media Player\it-IT\backup.exe"C:\Program Files\Windows Media Player\it-IT\backup.exe" C:\Program Files\Windows Media Player\it-IT\6⤵
-
-
C:\Program Files\Windows Media Player\Skins\backup.exe"C:\Program Files\Windows Media Player\Skins\backup.exe" C:\Program Files\Windows Media Player\Skins\6⤵
-
-
-
-
C:\Program Files (x86)\backup.exe"C:\Program Files (x86)\backup.exe" C:\Program Files (x86)\4⤵
-
C:\Program Files (x86)\Adobe\System Restore.exe"C:\Program Files (x86)\Adobe\System Restore.exe" C:\Program Files (x86)\Adobe\5⤵
-
-
C:\Program Files (x86)\Microsoft Sync Framework\backup.exe"C:\Program Files (x86)\Microsoft Sync Framework\backup.exe" C:\Program Files (x86)\Microsoft Sync Framework\5⤵
-
-
C:\Program Files (x86)\Microsoft Synchronization Services\backup.exe"C:\Program Files (x86)\Microsoft Synchronization Services\backup.exe" C:\Program Files (x86)\Microsoft Synchronization Services\5⤵
-
-
C:\Program Files (x86)\MSBuild\backup.exe"C:\Program Files (x86)\MSBuild\backup.exe" C:\Program Files (x86)\MSBuild\5⤵
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\data.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\data.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\Low\backup.exeC:\Users\Admin\AppData\Local\Temp\Low\backup.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exeC:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exe C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\scoped_dir816_1791373456\backup.exeC:\Users\Admin\AppData\Local\Temp\scoped_dir816_1791373456\backup.exe C:\Users\Admin\AppData\Local\Temp\scoped_dir816_1791373456\2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\scoped_dir816_1791373456\CRX_INSTALL\backup.exeC:\Users\Admin\AppData\Local\Temp\scoped_dir816_1791373456\CRX_INSTALL\backup.exe C:\Users\Admin\AppData\Local\Temp\scoped_dir816_1791373456\CRX_INSTALL\3⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Users\Admin\AppData\Local\Temp\scoped_dir816_2026301031\backup.exeC:\Users\Admin\AppData\Local\Temp\scoped_dir816_2026301031\backup.exe C:\Users\Admin\AppData\Local\Temp\scoped_dir816_2026301031\2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\scoped_dir816_2026301031\CRX_INSTALL\backup.exeC:\Users\Admin\AppData\Local\Temp\scoped_dir816_2026301031\CRX_INSTALL\backup.exe C:\Users\Admin\AppData\Local\Temp\scoped_dir816_2026301031\CRX_INSTALL\3⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exeC:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exe C:\Users\Admin\AppData\Local\Temp\WPDNSE\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\1⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\data.exe"C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\data.exe" C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\1⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\1⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\1⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\System Restore.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\System Restore.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\System Restore.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\System Restore.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\2⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\3⤵
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\1⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\1⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\2⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\update.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\update.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\2⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\3⤵
-
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\1⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\2⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\2⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\1⤵
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\2⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\backup.exe"C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\backup.exe" C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\1⤵
-
C:\Program Files\Java\jre7\bin\data.exe"C:\Program Files\Java\jre7\bin\data.exe" C:\Program Files\Java\jre7\bin\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\1⤵
-
C:\Program Files\Java\jre7\lib\cmm\backup.exe"C:\Program Files\Java\jre7\lib\cmm\backup.exe" C:\Program Files\Java\jre7\lib\cmm\1⤵
-
C:\Program Files\Java\jre7\lib\deploy\backup.exe"C:\Program Files\Java\jre7\lib\deploy\backup.exe" C:\Program Files\Java\jre7\lib\deploy\1⤵
-
C:\Program Files\Java\jre7\lib\ext\backup.exe"C:\Program Files\Java\jre7\lib\ext\backup.exe" C:\Program Files\Java\jre7\lib\ext\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\1⤵
-
C:\Program Files\Java\jre7\lib\images\backup.exe"C:\Program Files\Java\jre7\lib\images\backup.exe" C:\Program Files\Java\jre7\lib\images\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\System Restore.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\System Restore.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\1⤵
-
C:\Program Files\Java\jre7\lib\management\backup.exe"C:\Program Files\Java\jre7\lib\management\backup.exe" C:\Program Files\Java\jre7\lib\management\1⤵
-
C:\Program Files\Java\jre7\lib\security\backup.exe"C:\Program Files\Java\jre7\lib\security\backup.exe" C:\Program Files\Java\jre7\lib\security\1⤵
-
C:\Program Files\Java\jre7\lib\zi\Africa\backup.exe"C:\Program Files\Java\jre7\lib\zi\Africa\backup.exe" C:\Program Files\Java\jre7\lib\zi\Africa\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\1⤵
-
C:\Program Files\Java\jre7\lib\zi\America\Indiana\backup.exe"C:\Program Files\Java\jre7\lib\zi\America\Indiana\backup.exe" C:\Program Files\Java\jre7\lib\zi\America\Indiana\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\System Restore.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\System Restore.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\1⤵
-
C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\backup.exe"C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\backup.exe" C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\1⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\1⤵
-
C:\Program Files\Java\jre7\lib\zi\Asia\backup.exe"C:\Program Files\Java\jre7\lib\zi\Asia\backup.exe" C:\Program Files\Java\jre7\lib\zi\Asia\1⤵
-
C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Acrobat\1⤵
-
C:\Program Files (x86)\Common Files\Adobe\Help\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Help\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Help\1⤵
-
C:\Program Files (x86)\Common Files\Adobe\Help\en_US\System Restore.exe"C:\Program Files (x86)\Common Files\Adobe\Help\en_US\System Restore.exe" C:\Program Files (x86)\Common Files\Adobe\Help\en_US\2⤵
-
-
C:\Program Files\Microsoft Games\Chess\backup.exe"C:\Program Files\Microsoft Games\Chess\backup.exe" C:\Program Files\Microsoft Games\Chess\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\1⤵
-
C:\Program Files\Microsoft Games\FreeCell\backup.exe"C:\Program Files\Microsoft Games\FreeCell\backup.exe" C:\Program Files\Microsoft Games\FreeCell\1⤵
-
C:\Program Files\Microsoft Games\FreeCell\es-ES\backup.exe"C:\Program Files\Microsoft Games\FreeCell\es-ES\backup.exe" C:\Program Files\Microsoft Games\FreeCell\es-ES\2⤵
-
-
C:\Program Files\Microsoft Games\FreeCell\it-IT\data.exe"C:\Program Files\Microsoft Games\FreeCell\it-IT\data.exe" C:\Program Files\Microsoft Games\FreeCell\it-IT\2⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\Filters\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\Filters\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\Filters\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\1⤵
-
C:\Program Files\Microsoft Games\Hearts\fr-FR\data.exe"C:\Program Files\Microsoft Games\Hearts\fr-FR\data.exe" C:\Program Files\Microsoft Games\Hearts\fr-FR\1⤵
-
C:\Program Files\Microsoft Games\Hearts\ja-JP\update.exe"C:\Program Files\Microsoft Games\Hearts\ja-JP\update.exe" C:\Program Files\Microsoft Games\Hearts\ja-JP\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\1⤵
-
C:\Program Files\Microsoft Games\Mahjong\it-IT\backup.exe"C:\Program Files\Microsoft Games\Mahjong\it-IT\backup.exe" C:\Program Files\Microsoft Games\Mahjong\it-IT\1⤵
-
C:\Program Files\Microsoft Games\Minesweeper\backup.exe"C:\Program Files\Microsoft Games\Minesweeper\backup.exe" C:\Program Files\Microsoft Games\Minesweeper\1⤵
-
C:\Program Files\Microsoft Games\Minesweeper\de-DE\backup.exe"C:\Program Files\Microsoft Games\Minesweeper\de-DE\backup.exe" C:\Program Files\Microsoft Games\Minesweeper\de-DE\2⤵
-
-
C:\Program Files\Microsoft Games\Minesweeper\es-ES\backup.exe"C:\Program Files\Microsoft Games\Minesweeper\es-ES\backup.exe" C:\Program Files\Microsoft Games\Minesweeper\es-ES\2⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\ink\fr-FR\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\ink\fr-FR\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\ink\fr-FR\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\ink\it-IT\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\ink\it-IT\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\ink\it-IT\1⤵
-
C:\Program Files\Microsoft Games\More Games\de-DE\backup.exe"C:\Program Files\Microsoft Games\More Games\de-DE\backup.exe" C:\Program Files\Microsoft Games\More Games\de-DE\1⤵
-
C:\Program Files\Microsoft Games\More Games\en-US\backup.exe"C:\Program Files\Microsoft Games\More Games\en-US\backup.exe" C:\Program Files\Microsoft Games\More Games\en-US\1⤵
-
C:\Program Files\Microsoft Games\More Games\fr-FR\backup.exe"C:\Program Files\Microsoft Games\More Games\fr-FR\backup.exe" C:\Program Files\Microsoft Games\More Games\fr-FR\1⤵
-
C:\Program Files\Microsoft Games\More Games\ja-JP\System Restore.exe"C:\Program Files\Microsoft Games\More Games\ja-JP\System Restore.exe" C:\Program Files\Microsoft Games\More Games\ja-JP\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\2⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\2⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.WW\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.WW\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Office64.WW\3⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.fr\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.fr\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Proof.fr\3⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Word.en-us\3⤵
-
-
-
C:\Program Files\Microsoft Games\Multiplayer\Backgammon\es-ES\backup.exe"C:\Program Files\Microsoft Games\Multiplayer\Backgammon\es-ES\backup.exe" C:\Program Files\Microsoft Games\Multiplayer\Backgammon\es-ES\1⤵
-
C:\Program Files\Microsoft Games\Multiplayer\Backgammon\ja-JP\backup.exe"C:\Program Files\Microsoft Games\Multiplayer\Backgammon\ja-JP\backup.exe" C:\Program Files\Microsoft Games\Multiplayer\Backgammon\ja-JP\1⤵
-
C:\Program Files\Microsoft Games\Multiplayer\Checkers\backup.exe"C:\Program Files\Microsoft Games\Multiplayer\Checkers\backup.exe" C:\Program Files\Microsoft Games\Multiplayer\Checkers\1⤵
-
C:\Program Files\Microsoft Games\Multiplayer\Checkers\de-DE\backup.exe"C:\Program Files\Microsoft Games\Multiplayer\Checkers\de-DE\backup.exe" C:\Program Files\Microsoft Games\Multiplayer\Checkers\de-DE\2⤵
-
-
C:\Program Files\Microsoft Games\Multiplayer\Checkers\es-ES\backup.exe"C:\Program Files\Microsoft Games\Multiplayer\Checkers\es-ES\backup.exe" C:\Program Files\Microsoft Games\Multiplayer\Checkers\es-ES\2⤵
-
-
C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\backup.exe"C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\backup.exe" C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\1⤵
-
C:\Program Files\Microsoft Games\Multiplayer\Spades\ja-JP\backup.exe"C:\Program Files\Microsoft Games\Multiplayer\Spades\ja-JP\backup.exe" C:\Program Files\Microsoft Games\Multiplayer\Spades\ja-JP\1⤵
-
C:\Program Files\Microsoft Games\Purble Place\en-US\backup.exe"C:\Program Files\Microsoft Games\Purble Place\en-US\backup.exe" C:\Program Files\Microsoft Games\Purble Place\en-US\1⤵
-
C:\Program Files\Microsoft Games\Purble Place\fr-FR\backup.exe"C:\Program Files\Microsoft Games\Purble Place\fr-FR\backup.exe" C:\Program Files\Microsoft Games\Purble Place\fr-FR\1⤵
-
C:\Program Files\Microsoft Games\Solitaire\de-DE\data.exe"C:\Program Files\Microsoft Games\Solitaire\de-DE\data.exe" C:\Program Files\Microsoft Games\Solitaire\de-DE\1⤵
-
C:\Program Files\Microsoft Games\Solitaire\es-ES\backup.exe"C:\Program Files\Microsoft Games\Solitaire\es-ES\backup.exe" C:\Program Files\Microsoft Games\Solitaire\es-ES\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\TextConv\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\TextConv\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\TextConv\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US\2⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\TextConv\it-IT\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\TextConv\it-IT\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\TextConv\it-IT\2⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\2⤵
-
-
C:\Program Files\Microsoft Games\SpiderSolitaire\de-DE\data.exe"C:\Program Files\Microsoft Games\SpiderSolitaire\de-DE\data.exe" C:\Program Files\Microsoft Games\SpiderSolitaire\de-DE\1⤵
-
C:\Program Files\Microsoft Games\SpiderSolitaire\ja-JP\data.exe"C:\Program Files\Microsoft Games\SpiderSolitaire\ja-JP\data.exe" C:\Program Files\Microsoft Games\SpiderSolitaire\ja-JP\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\AFTRNOON\1⤵
-
C:\Program Files\Microsoft Office\Office14\backup.exe"C:\Program Files\Microsoft Office\Office14\backup.exe" C:\Program Files\Microsoft Office\Office14\1⤵
-
C:\Program Files\Mozilla Firefox\browser\features\backup.exe"C:\Program Files\Mozilla Firefox\browser\features\backup.exe" C:\Program Files\Mozilla Firefox\browser\features\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CANYON\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\CASCADE\1⤵
-
C:\Program Files\Mozilla Firefox\fonts\backup.exe"C:\Program Files\Mozilla Firefox\fonts\backup.exe" C:\Program Files\Mozilla Firefox\fonts\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\data.exe"C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\data.exe" C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\ECLIPSE\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\INDUST\1⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\1⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\2⤵
-
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\2⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\JOURNAL\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\QUAD\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\RADIAL\1⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\1⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\1⤵
-
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\backup.exe"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\backup.exe" C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\1⤵
-
C:\Program Files\VideoLAN\VLC\backup.exe"C:\Program Files\VideoLAN\VLC\backup.exe" C:\Program Files\VideoLAN\VLC\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\STUDIO\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\am_ET\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\am_ET\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\am_ET\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\Triedit\it-IT\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\Triedit\it-IT\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\Triedit\it-IT\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA7\1033\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\bn_IN\backup.exe"C:\Program Files\VideoLAN\VLC\locale\bn_IN\backup.exe" C:\Program Files\VideoLAN\VLC\locale\bn_IN\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\br\update.exe"C:\Program Files\VideoLAN\VLC\locale\br\update.exe" C:\Program Files\VideoLAN\VLC\locale\br\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\2⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ca\data.exe"C:\Program Files\VideoLAN\VLC\locale\ca\data.exe" C:\Program Files\VideoLAN\VLC\locale\ca\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\update.exe"C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\update.exe" C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\2⤵
-
-
C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ca@valencia\LC_MESSAGES\update.exe"C:\Program Files\VideoLAN\VLC\locale\ca@valencia\LC_MESSAGES\update.exe" C:\Program Files\VideoLAN\VLC\locale\ca@valencia\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\cgg\backup.exe"C:\Program Files\VideoLAN\VLC\locale\cgg\backup.exe" C:\Program Files\VideoLAN\VLC\locale\cgg\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\System Restore.exe"C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\System Restore.exe" C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\co\backup.exe"C:\Program Files\VideoLAN\VLC\locale\co\backup.exe" C:\Program Files\VideoLAN\VLC\locale\co\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\2⤵
-
-
C:\Program Files\VideoLAN\VLC\locale\cs\backup.exe"C:\Program Files\VideoLAN\VLC\locale\cs\backup.exe" C:\Program Files\VideoLAN\VLC\locale\cs\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\cy\backup.exe"C:\Program Files\VideoLAN\VLC\locale\cy\backup.exe" C:\Program Files\VideoLAN\VLC\locale\cy\1⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\1033\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\1033\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\1033\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\de\backup.exe"C:\Program Files\VideoLAN\VLC\locale\de\backup.exe" C:\Program Files\VideoLAN\VLC\locale\de\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\2⤵
-
-
C:\Program Files (x86)\Common Files\System\ado\backup.exe"C:\Program Files (x86)\Common Files\System\ado\backup.exe" C:\Program Files (x86)\Common Files\System\ado\1⤵
-
C:\Program Files (x86)\Common Files\System\ado\es-ES\backup.exe"C:\Program Files (x86)\Common Files\System\ado\es-ES\backup.exe" C:\Program Files (x86)\Common Files\System\ado\es-ES\2⤵
-
-
C:\Program Files\VideoLAN\VLC\locale\en_GB\backup.exe"C:\Program Files\VideoLAN\VLC\locale\en_GB\backup.exe" C:\Program Files\VideoLAN\VLC\locale\en_GB\1⤵
-
C:\Program Files (x86)\Common Files\System\fr-FR\backup.exe"C:\Program Files (x86)\Common Files\System\fr-FR\backup.exe" C:\Program Files (x86)\Common Files\System\fr-FR\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\1⤵
-
C:\Program Files (x86)\Common Files\System\msadc\backup.exe"C:\Program Files (x86)\Common Files\System\msadc\backup.exe" C:\Program Files (x86)\Common Files\System\msadc\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ff\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ff\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ff\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\fur\backup.exe"C:\Program Files\VideoLAN\VLC\locale\fur\backup.exe" C:\Program Files\VideoLAN\VLC\locale\fur\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\2⤵
-
-
C:\Program Files (x86)\Google\CrashReports\backup.exe"C:\Program Files (x86)\Google\CrashReports\backup.exe" C:\Program Files (x86)\Google\CrashReports\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\1⤵
-
C:\Program Files (x86)\Google\Update\1.3.36.151\backup.exe"C:\Program Files (x86)\Google\Update\1.3.36.151\backup.exe" C:\Program Files (x86)\Google\Update\1.3.36.151\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\he\backup.exe"C:\Program Files\VideoLAN\VLC\locale\he\backup.exe" C:\Program Files\VideoLAN\VLC\locale\he\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\hi\backup.exe"C:\Program Files\VideoLAN\VLC\locale\hi\backup.exe" C:\Program Files\VideoLAN\VLC\locale\hi\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\2⤵
-
-
C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\106.0.5249.119\backup.exe"C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\106.0.5249.119\backup.exe" C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\106.0.5249.119\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\1⤵
-
C:\Program Files (x86)\Internet Explorer\en-US\backup.exe"C:\Program Files (x86)\Internet Explorer\en-US\backup.exe" C:\Program Files (x86)\Internet Explorer\en-US\1⤵
-
C:\Program Files (x86)\Internet Explorer\fr-FR\backup.exe"C:\Program Files (x86)\Internet Explorer\fr-FR\backup.exe" C:\Program Files (x86)\Internet Explorer\fr-FR\1⤵
-
C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\backup.exe"C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\backup.exe" C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ka\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ka\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ka\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\2⤵
-
-
C:\Program Files\VideoLAN\VLC\locale\kab\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\kab\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\kab\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\km\backup.exe"C:\Program Files\VideoLAN\VLC\locale\km\backup.exe" C:\Program Files\VideoLAN\VLC\locale\km\1⤵
-
C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\backup.exe"C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\backup.exe" C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Fonts\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\1⤵
-
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\1033\backup.exe"C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\1033\backup.exe" C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\1033\1⤵
-
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\backup.exe"C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\backup.exe" C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\2⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\3⤵
-
-
-
C:\Program Files (x86)\Microsoft Office\Office14\FORMS\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\FORMS\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\FORMS\2⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\3⤵
-
-
-
C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\2⤵
-
-
C:\Program Files (x86)\Microsoft Office\Office14\PROOF\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\PROOF\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\PROOF\2⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1033\data.exe"C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1033\data.exe" C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1033\3⤵
-
-
C:\Program Files (x86)\Microsoft Office\Office14\PROOF\3082\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\PROOF\3082\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\PROOF\3082\3⤵
-
-
-
C:\Program Files\VideoLAN\VLC\locale\lo\backup.exe"C:\Program Files\VideoLAN\VLC\locale\lo\backup.exe" C:\Program Files\VideoLAN\VLC\locale\lo\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\lt\backup.exe"C:\Program Files\VideoLAN\VLC\locale\lt\backup.exe" C:\Program Files\VideoLAN\VLC\locale\lt\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\System Restore.exe"C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\System Restore.exe" C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ml\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ml\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ml\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\nb\backup.exe"C:\Program Files\VideoLAN\VLC\locale\nb\backup.exe" C:\Program Files\VideoLAN\VLC\locale\nb\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\1⤵
-
C:\Users\Admin\backup.exeC:\Users\Admin\backup.exe C:\Users\Admin\1⤵
-
C:\Users\Admin\Searches\backup.exeC:\Users\Admin\Searches\backup.exe C:\Users\Admin\Searches\2⤵
-
-
C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\pt_PT\backup.exe"C:\Program Files\VideoLAN\VLC\locale\pt_PT\backup.exe" C:\Program Files\VideoLAN\VLC\locale\pt_PT\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\1⤵
-
C:\Users\Public\Documents\backup.exeC:\Users\Public\Documents\backup.exe C:\Users\Public\Documents\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\si\backup.exe"C:\Program Files\VideoLAN\VLC\locale\si\backup.exe" C:\Program Files\VideoLAN\VLC\locale\si\1⤵
-
C:\Users\Public\Music\Sample Music\backup.exe"C:\Users\Public\Music\Sample Music\backup.exe" C:\Users\Public\Music\Sample Music\1⤵
-
C:\Users\Public\Pictures\backup.exeC:\Users\Public\Pictures\backup.exe C:\Users\Public\Pictures\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\People\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\Sounds\Places\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\1⤵
-
C:\Users\Public\Videos\backup.exeC:\Users\Public\Videos\backup.exe C:\Users\Public\Videos\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\1⤵
-
C:\Windows\AppPatch\backup.exeC:\Windows\AppPatch\backup.exe C:\Windows\AppPatch\1⤵
-
C:\Windows\AppPatch\es-ES\backup.exeC:\Windows\AppPatch\es-ES\backup.exe C:\Windows\AppPatch\es-ES\2⤵
-
-
C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\data.exe"C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\data.exe" C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\te\backup.exe"C:\Program Files\VideoLAN\VLC\locale\te\backup.exe" C:\Program Files\VideoLAN\VLC\locale\te\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\1⤵
-
C:\Windows\assembly\GAC\Extensibility\data.exeC:\Windows\assembly\GAC\Extensibility\data.exe C:\Windows\assembly\GAC\Extensibility\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\tt\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\tt\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\tt\LC_MESSAGES\1⤵
-
C:\Windows\assembly\GAC\Microsoft.StdFormat\backup.exeC:\Windows\assembly\GAC\Microsoft.StdFormat\backup.exe C:\Windows\assembly\GAC\Microsoft.StdFormat\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\1⤵
-
C:\Program Files\VideoLAN\VLC\locale\wa\backup.exe"C:\Program Files\VideoLAN\VLC\locale\wa\backup.exe" C:\Program Files\VideoLAN\VLC\locale\wa\1⤵
-
C:\Windows\assembly\GAC\MSDATASRC\backup.exeC:\Windows\assembly\GAC\MSDATASRC\backup.exe C:\Windows\assembly\GAC\MSDATASRC\1⤵
-
C:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\2⤵
-
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\data.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\data.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\1⤵
-
C:\Windows\assembly\GAC_32\backup.exeC:\Windows\assembly\GAC_32\backup.exe C:\Windows\assembly\GAC_32\1⤵
-
C:\Windows\assembly\GAC_32\Microsoft.Ink\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Ink\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Ink\2⤵
-
-
C:\Windows\assembly\GAC_32\Microsoft.Office.Access.BusinessDataCatalog\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Office.Access.BusinessDataCatalog\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Office.Access.BusinessDataCatalog\2⤵
-
-
C:\Windows\assembly\GAC_32\naphlpr\backup.exeC:\Windows\assembly\GAC_32\naphlpr\backup.exe C:\Windows\assembly\GAC_32\naphlpr\2⤵
-
-
C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\backup.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\backup.exe C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\2⤵
-
-
C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\backup.exeC:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\backup.exe C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\2⤵
-
-
C:\Windows\assembly\GAC_32\System.Printing\backup.exeC:\Windows\assembly\GAC_32\System.Printing\backup.exe C:\Windows\assembly\GAC_32\System.Printing\2⤵
-
-
C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\backup.exe"C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\backup.exe" C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\1⤵
-
C:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\1⤵
-
C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\backup.exe"C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\backup.exe" C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\1⤵
-
C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\System Restore.exe"C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\System Restore.exe" C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\2⤵
-
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\1⤵
-
C:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35\System Restore.exe"C:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35\System Restore.exe" C:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\1⤵
-
C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Program Files\VideoLAN\VLC\lua\intf\modules\backup.exe"C:\Program Files\VideoLAN\VLC\lua\intf\modules\backup.exe" C:\Program Files\VideoLAN\VLC\lua\intf\modules\1⤵
-
C:\Program Files\VideoLAN\VLC\lua\meta\backup.exe"C:\Program Files\VideoLAN\VLC\lua\meta\backup.exe" C:\Program Files\VideoLAN\VLC\lua\meta\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\1⤵
-
C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\backup.exe"C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\backup.exe" C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\2⤵
-
-
C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\update.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\update.exe C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\1⤵
-
C:\Program Files\VideoLAN\VLC\lua\modules\backup.exe"C:\Program Files\VideoLAN\VLC\lua\modules\backup.exe" C:\Program Files\VideoLAN\VLC\lua\modules\1⤵
-
C:\Program Files\VideoLAN\VLC\lua\playlist\backup.exe"C:\Program Files\VideoLAN\VLC\lua\playlist\backup.exe" C:\Program Files\VideoLAN\VLC\lua\playlist\1⤵
-
C:\Program Files\VideoLAN\VLC\lua\sd\backup.exe"C:\Program Files\VideoLAN\VLC\lua\sd\backup.exe" C:\Program Files\VideoLAN\VLC\lua\sd\1⤵
-
C:\Program Files\VideoLAN\VLC\plugins\audio_filter\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\audio_filter\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\audio_filter\1⤵
-
C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35\1⤵
-
C:\Program Files\VideoLAN\VLC\plugins\audio_output\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\audio_output\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\audio_output\1⤵
-
C:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Program Files\VideoLAN\VLC\plugins\logger\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\logger\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\logger\1⤵
-
C:\Program Files (x86)\Microsoft Office\Stationery\backup.exe"C:\Program Files (x86)\Microsoft Office\Stationery\backup.exe" C:\Program Files (x86)\Microsoft Office\Stationery\1⤵
-
C:\Program Files\VideoLAN\VLC\plugins\misc\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\misc\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\misc\1⤵
-
C:\Program Files (x86)\Microsoft Office\Templates\1033\backup.exe"C:\Program Files (x86)\Microsoft Office\Templates\1033\backup.exe" C:\Program Files (x86)\Microsoft Office\Templates\1033\1⤵
-
C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\backup.exe"C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\backup.exe" C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\2⤵
-
-
C:\Program Files\VideoLAN\VLC\plugins\services_discovery\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\services_discovery\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\services_discovery\1⤵
-
C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\backup.exe"C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\backup.exe" C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\1⤵
-
C:\Program Files\VideoLAN\VLC\plugins\video_chroma\System Restore.exe"C:\Program Files\VideoLAN\VLC\plugins\video_chroma\System Restore.exe" C:\Program Files\VideoLAN\VLC\plugins\video_chroma\1⤵
-
C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\1⤵
-
C:\Program Files\Windows Mail\de-DE\backup.exe"C:\Program Files\Windows Mail\de-DE\backup.exe" C:\Program Files\Windows Mail\de-DE\1⤵
-
C:\Program Files\Windows Mail\es-ES\backup.exe"C:\Program Files\Windows Mail\es-ES\backup.exe" C:\Program Files\Windows Mail\es-ES\1⤵
-
C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\backup.exeC:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\backup.exe C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\1⤵
-
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\backup.exe"C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\backup.exe" C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1⤵
-
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\backup.exe"C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\backup.exe" C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\2⤵
-
-
C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop\backup.exeC:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop\backup.exe C:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop\1⤵
-
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\backup.exe"C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\backup.exe" C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\1⤵
-
C:\Windows\assembly\GAC_64\CustomMarshalers\backup.exeC:\Windows\assembly\GAC_64\CustomMarshalers\backup.exe C:\Windows\assembly\GAC_64\CustomMarshalers\1⤵
-
C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\backup.exe"C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\backup.exe" C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\1⤵
-
C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\System Restore.exe"C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\System Restore.exe" C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\2⤵
-
-
C:\Windows\assembly\GAC_64\ISymWrapper\backup.exeC:\Windows\assembly\GAC_64\ISymWrapper\backup.exe C:\Windows\assembly\GAC_64\ISymWrapper\1⤵
-
C:\Windows\assembly\GAC_64\mcstoredb\backup.exeC:\Windows\assembly\GAC_64\mcstoredb\backup.exe C:\Windows\assembly\GAC_64\mcstoredb\1⤵
-
C:\Program Files\Windows NT\Accessories\backup.exe"C:\Program Files\Windows NT\Accessories\backup.exe" C:\Program Files\Windows NT\Accessories\1⤵
-
C:\Program Files\Windows NT\Accessories\fr-FR\backup.exe"C:\Program Files\Windows NT\Accessories\fr-FR\backup.exe" C:\Program Files\Windows NT\Accessories\fr-FR\2⤵
-
-
C:\Program Files\Windows NT\Accessories\it-IT\backup.exe"C:\Program Files\Windows NT\Accessories\it-IT\backup.exe" C:\Program Files\Windows NT\Accessories\it-IT\2⤵
-
-
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\backup.exe"C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\backup.exe" C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\1⤵
-
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\backup.exe"C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\backup.exe" C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\2⤵
-
-
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\backup.exe"C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\backup.exe" C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\2⤵
-
-
C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_fr_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_fr_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_fr_31bf3856ad364e35\1⤵
-
C:\Program Files\Windows NT\TableTextService\en-US\backup.exe"C:\Program Files\Windows NT\TableTextService\en-US\backup.exe" C:\Program Files\Windows NT\TableTextService\en-US\1⤵
-
C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_it_31bf3856ad364e35\System Restore.exe"C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_it_31bf3856ad364e35\System Restore.exe" C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_it_31bf3856ad364e35\1⤵
-
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\backup.exe"C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\backup.exe" C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\1⤵
-
C:\Program Files\Windows NT\TableTextService\it-IT\System Restore.exe"C:\Program Files\Windows NT\TableTextService\it-IT\System Restore.exe" C:\Program Files\Windows NT\TableTextService\it-IT\1⤵
-
C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\backup.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\backup.exe C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\1⤵
-
C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Program Files (x86)\Windows Defender\de-DE\backup.exe"C:\Program Files (x86)\Windows Defender\de-DE\backup.exe" C:\Program Files (x86)\Windows Defender\de-DE\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\update.exe"C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\update.exe" C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\2⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\css\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\css\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\css\3⤵
-
-
-
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\2⤵
-
-
C:\Program Files (x86)\Windows Defender\it-IT\backup.exe"C:\Program Files (x86)\Windows Defender\it-IT\backup.exe" C:\Program Files (x86)\Windows Defender\it-IT\1⤵
-
C:\Program Files (x86)\Windows Mail\de-DE\backup.exe"C:\Program Files (x86)\Windows Mail\de-DE\backup.exe" C:\Program Files (x86)\Windows Mail\de-DE\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\1⤵
-
C:\Windows\assembly\GAC_64\MSBuild\backup.exeC:\Windows\assembly\GAC_64\MSBuild\backup.exe C:\Windows\assembly\GAC_64\MSBuild\1⤵
-
C:\Windows\assembly\GAC_64\mscorlib\backup.exeC:\Windows\assembly\GAC_64\mscorlib\backup.exe C:\Windows\assembly\GAC_64\mscorlib\1⤵
-
C:\Program Files (x86)\Windows Media Player\en-US\backup.exe"C:\Program Files (x86)\Windows Media Player\en-US\backup.exe" C:\Program Files (x86)\Windows Media Player\en-US\1⤵
-
C:\Program Files (x86)\Windows Media Player\es-ES\backup.exe"C:\Program Files (x86)\Windows Media Player\es-ES\backup.exe" C:\Program Files (x86)\Windows Media Player\es-ES\1⤵
-
C:\Program Files (x86)\Windows Media Player\it-IT\backup.exe"C:\Program Files (x86)\Windows Media Player\it-IT\backup.exe" C:\Program Files (x86)\Windows Media Player\it-IT\1⤵
-
C:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\1⤵
-
C:\Program Files (x86)\Windows Media Player\ja-JP\backup.exe"C:\Program Files (x86)\Windows Media Player\ja-JP\backup.exe" C:\Program Files (x86)\Windows Media Player\ja-JP\1⤵
-
C:\Program Files (x86)\Windows Media Player\Network Sharing\backup.exe"C:\Program Files (x86)\Windows Media Player\Network Sharing\backup.exe" C:\Program Files (x86)\Windows Media Player\Network Sharing\1⤵
-
C:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\de-DE\update.exe"C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\de-DE\update.exe" C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\de-DE\1⤵
-
C:\Program Files (x86)\Windows NT\Accessories\de-DE\update.exe"C:\Program Files (x86)\Windows NT\Accessories\de-DE\update.exe" C:\Program Files (x86)\Windows NT\Accessories\de-DE\1⤵
-
C:\Program Files (x86)\Windows NT\Accessories\en-US\backup.exe"C:\Program Files (x86)\Windows NT\Accessories\en-US\backup.exe" C:\Program Files (x86)\Windows NT\Accessories\en-US\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\1⤵
-
C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Windows\assembly\GAC_64\System.Transactions\backup.exeC:\Windows\assembly\GAC_64\System.Transactions\backup.exe C:\Windows\assembly\GAC_64\System.Transactions\1⤵
-
C:\Program Files (x86)\Windows NT\TableTextService\backup.exe"C:\Program Files (x86)\Windows NT\TableTextService\backup.exe" C:\Program Files (x86)\Windows NT\TableTextService\1⤵
-
C:\Program Files (x86)\Windows NT\TableTextService\en-US\backup.exe"C:\Program Files (x86)\Windows NT\TableTextService\en-US\backup.exe" C:\Program Files (x86)\Windows NT\TableTextService\en-US\2⤵
-
-
C:\Program Files (x86)\Windows NT\TableTextService\ja-JP\backup.exe"C:\Program Files (x86)\Windows NT\TableTextService\ja-JP\backup.exe" C:\Program Files (x86)\Windows NT\TableTextService\ja-JP\2⤵
-
-
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\data.exe"C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\data.exe" C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\css\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\css\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\css\2⤵
-
-
C:\Program Files (x86)\Windows Photo Viewer\en-US\backup.exe"C:\Program Files (x86)\Windows Photo Viewer\en-US\backup.exe" C:\Program Files (x86)\Windows Photo Viewer\en-US\1⤵
-
C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\ja-JP\css\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\ja-JP\css\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\ja-JP\css\1⤵
-
C:\Windows\assembly\GAC_MSIL\ComSvcConfig\backup.exeC:\Windows\assembly\GAC_MSIL\ComSvcConfig\backup.exe C:\Windows\assembly\GAC_MSIL\ComSvcConfig\1⤵
-
C:\Windows\assembly\GAC_MSIL\cscompmgd\backup.exeC:\Windows\assembly\GAC_MSIL\cscompmgd\backup.exe C:\Windows\assembly\GAC_MSIL\cscompmgd\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\de-DE\css\System Restore.exe"C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\de-DE\css\System Restore.exe" C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\de-DE\css\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\1⤵
-
C:\Windows\assembly\GAC_MSIL\ehCIR\backup.exeC:\Windows\assembly\GAC_MSIL\ehCIR\backup.exe C:\Windows\assembly\GAC_MSIL\ehCIR\1⤵
-
C:\Windows\assembly\GAC_MSIL\ehCIR\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\ehCIR\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\ehCIR\6.1.0.0__31bf3856ad364e35\2⤵
-
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\1⤵
-
C:\Windows\assembly\GAC_MSIL\ehiActivScp\backup.exeC:\Windows\assembly\GAC_MSIL\ehiActivScp\backup.exe C:\Windows\assembly\GAC_MSIL\ehiActivScp\1⤵
-
C:\Windows\assembly\GAC_MSIL\ehiActivScp\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\ehiActivScp\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\ehiActivScp\6.1.0.0__31bf3856ad364e35\2⤵
-
-
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\fr-FR\css\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\fr-FR\css\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\fr-FR\css\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\de-DE\css\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\de-DE\css\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\de-DE\css\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\fr-FR\js\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\fr-FR\js\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\fr-FR\js\1⤵
-
C:\Windows\assembly\GAC_MSIL\ehiExtens\backup.exeC:\Windows\assembly\GAC_MSIL\ehiExtens\backup.exe C:\Windows\assembly\GAC_MSIL\ehiExtens\1⤵
-
C:\Windows\assembly\GAC_MSIL\ehiExtens\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\ehiExtens\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\ehiExtens\6.1.0.0__31bf3856ad364e35\2⤵
-
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\ja-JP\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\ja-JP\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\ja-JP\1⤵
-
C:\Windows\assembly\GAC_MSIL\ehiTVMSMusic\backup.exeC:\Windows\assembly\GAC_MSIL\ehiTVMSMusic\backup.exe C:\Windows\assembly\GAC_MSIL\ehiTVMSMusic\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\ehiUserXp\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\ehiUserXp\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\ehiUserXp\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\css\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\css\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\css\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\js\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\js\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\js\1⤵
-
C:\Windows\assembly\GAC_MSIL\ehiwmp\6.1.0.0__31bf3856ad364e35\update.exeC:\Windows\assembly\GAC_MSIL\ehiwmp\6.1.0.0__31bf3856ad364e35\update.exe C:\Windows\assembly\GAC_MSIL\ehiwmp\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\ja-JP\css\update.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\ja-JP\css\update.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\ja-JP\css\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\css\update.exe"C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\css\update.exe" C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\css\1⤵
-
C:\Windows\assembly\GAC_MSIL\EventViewer\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\EventViewer\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\EventViewer\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\ja-JP\css\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\ja-JP\css\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\ja-JP\css\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\js\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\js\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\js\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_en_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_en_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_en_31bf3856ad364e35\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\de-DE\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\de-DE\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\de-DE\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\1⤵
-
C:\Windows\assembly\GAC_MSIL\IEExecRemote\backup.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote\backup.exe C:\Windows\assembly\GAC_MSIL\IEExecRemote\1⤵
-
C:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\2⤵
-
-
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\fr-FR\update.exe"C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\fr-FR\update.exe" C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\fr-FR\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\css\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\css\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\css\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\1⤵
-
C:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Windows\assembly\GAC_MSIL\ipdmctrl\backup.exeC:\Windows\assembly\GAC_MSIL\ipdmctrl\backup.exe C:\Windows\assembly\GAC_MSIL\ipdmctrl\1⤵
-
C:\Windows\assembly\GAC_MSIL\ipdmctrl\11.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\ipdmctrl\11.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\ipdmctrl\11.0.0.0__71e9bce111e9429c\2⤵
-
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\de-DE\css\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\de-DE\css\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\de-DE\css\1⤵
-
C:\Windows\Branding\Basebrd\backup.exeC:\Windows\Branding\Basebrd\backup.exe C:\Windows\Branding\Basebrd\1⤵
-
C:\Windows\Branding\Basebrd\de-DE\backup.exeC:\Windows\Branding\Basebrd\de-DE\backup.exe C:\Windows\Branding\Basebrd\de-DE\2⤵
-
-
C:\Windows\Branding\Basebrd\ja-JP\backup.exeC:\Windows\Branding\Basebrd\ja-JP\backup.exe C:\Windows\Branding\Basebrd\ja-JP\2⤵
-
-
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\update.exe"C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\update.exe" C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\es-ES\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\es-ES\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\es-ES\1⤵
-
C:\Windows\assembly\GAC_MSIL\mcglidhostobj\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\mcglidhostobj\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\mcglidhostobj\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\fr-FR\js\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\fr-FR\js\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\fr-FR\js\1⤵
-
C:\Windows\assembly\GAC_MSIL\mcplayerinterop\backup.exeC:\Windows\assembly\GAC_MSIL\mcplayerinterop\backup.exe C:\Windows\assembly\GAC_MSIL\mcplayerinterop\1⤵
-
C:\Windows\assembly\GAC_MSIL\mcplayerinterop\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\mcplayerinterop\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\mcplayerinterop\6.1.0.0__31bf3856ad364e35\2⤵
-
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\it-IT\data.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\it-IT\data.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\it-IT\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\data.exe"C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\data.exe" C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\js\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\js\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\js\2⤵
-
-
C:\Windows\de-DE\backup.exeC:\Windows\de-DE\backup.exe C:\Windows\de-DE\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\css\System Restore.exe"C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\css\System Restore.exe" C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\css\2⤵
-
-
C:\Windows\DigitalLocker\de-DE\update.exeC:\Windows\DigitalLocker\de-DE\update.exe C:\Windows\DigitalLocker\de-DE\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\ja-JP\System Restore.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\ja-JP\System Restore.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\ja-JP\1⤵
-
C:\Windows\DigitalLocker\fr-FR\backup.exeC:\Windows\DigitalLocker\fr-FR\backup.exe C:\Windows\DigitalLocker\fr-FR\1⤵
-
C:\Windows\DigitalLocker\it-IT\backup.exeC:\Windows\DigitalLocker\it-IT\backup.exe C:\Windows\DigitalLocker\it-IT\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\1⤵
-
C:\Windows\Downloaded Program Files\backup.exe"C:\Windows\Downloaded Program Files\backup.exe" C:\Windows\Downloaded Program Files\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework.Resources\6.1.0.0_fr_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework.Resources\6.1.0.0_fr_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework.Resources\6.1.0.0_fr_31bf3856ad364e35\1⤵
-
C:\Windows\ehome\backup.exeC:\Windows\ehome\backup.exe C:\Windows\ehome\1⤵
-
C:\Windows\ehome\CreateDisc\backup.exeC:\Windows\ehome\CreateDisc\backup.exe C:\Windows\ehome\CreateDisc\2⤵
-
C:\Windows\ehome\CreateDisc\Components\backup.exeC:\Windows\ehome\CreateDisc\Components\backup.exe C:\Windows\ehome\CreateDisc\Components\3⤵
-
C:\Windows\ehome\CreateDisc\Components\tables\backup.exeC:\Windows\ehome\CreateDisc\Components\tables\backup.exe C:\Windows\ehome\CreateDisc\Components\tables\4⤵
-
-
-
C:\Windows\ehome\CreateDisc\Filters\backup.exeC:\Windows\ehome\CreateDisc\Filters\backup.exe C:\Windows\ehome\CreateDisc\Filters\3⤵
-
-
C:\Windows\ehome\CreateDisc\SonicResources\backup.exeC:\Windows\ehome\CreateDisc\SonicResources\backup.exe C:\Windows\ehome\CreateDisc\SonicResources\3⤵
-
-
-
C:\Windows\ehome\de-DE\backup.exeC:\Windows\ehome\de-DE\backup.exe C:\Windows\ehome\de-DE\2⤵
-
-
C:\Windows\ehome\es-ES\backup.exeC:\Windows\ehome\es-ES\backup.exe C:\Windows\ehome\es-ES\2⤵
-
-
C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\js\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\js\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\js\2⤵
-
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\css\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\css\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\css\2⤵
-
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\js\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\js\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\js\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_de_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_de_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_de_31bf3856ad364e35\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\fr-FR\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\fr-FR\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\fr-FR\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\js\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\js\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\js\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_fr_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_fr_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_fr_31bf3856ad364e35\1⤵
-
C:\Windows\ehome\CreateDisc\Styles\NTSC\Symphony\update.exeC:\Windows\ehome\CreateDisc\Styles\NTSC\Symphony\update.exe C:\Windows\ehome\CreateDisc\Styles\NTSC\Symphony\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\css\update.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\css\update.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\css\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_it_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_it_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_it_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_ja_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_ja_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_ja_31bf3856ad364e35\1⤵
-
C:\Windows\ehome\CreateDisc\Styles\PAL\Symphony\backup.exeC:\Windows\ehome\CreateDisc\Styles\PAL\Symphony\backup.exe C:\Windows\ehome\CreateDisc\Styles\PAL\Symphony\1⤵
-
C:\Windows\ehome\CreateDisc\Styles\PAL\Symphony\Symphony\backup.exeC:\Windows\ehome\CreateDisc\Styles\PAL\Symphony\Symphony\backup.exe C:\Windows\ehome\CreateDisc\Styles\PAL\Symphony\Symphony\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.Resources\1.0.0.0_de_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.Resources\1.0.0.0_de_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.Resources\1.0.0.0_de_31bf3856ad364e35\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\js\System Restore.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\js\System Restore.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\js\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\update.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\update.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\js\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\js\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\js\2⤵
-
-
C:\Windows\es-ES\backup.exeC:\Windows\es-ES\backup.exe C:\Windows\es-ES\1⤵
-
C:\Windows\Fonts\backup.exeC:\Windows\Fonts\backup.exe C:\Windows\Fonts\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\de-DE\js\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\de-DE\js\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\de-DE\js\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\de-DE\css\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\de-DE\css\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\de-DE\css\1⤵
-
C:\Windows\Help\data.exeC:\Windows\Help\data.exe C:\Windows\Help\1⤵
-
C:\Windows\Help\Corporate\backup.exeC:\Windows\Help\Corporate\backup.exe C:\Windows\Help\Corporate\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_de_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_de_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_de_b03f5f7f11d50a3a\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\es-ES\css\data.exe"C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\es-ES\css\data.exe" C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\es-ES\css\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\fr-FR\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\fr-FR\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\fr-FR\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\js\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\js\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\js\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\update.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\update.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\2⤵
-
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\1⤵
-
C:\Windows\Help\mui\0409\backup.exeC:\Windows\Help\mui\0409\backup.exe C:\Windows\Help\mui\0409\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\css\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\css\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\css\1⤵
-
C:\Windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_es_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_es_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_es_b03f5f7f11d50a3a\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\js\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\js\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\js\1⤵
-
C:\Windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_fr_b03f5f7f11d50a3a\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\1⤵
-
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\js\backup.exe"C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\js\backup.exe" C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\js\2⤵
-
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\css\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\css\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\css\1⤵
-
C:\Windows\Help\mui\0C0A\backup.exeC:\Windows\Help\mui\0C0A\backup.exe C:\Windows\Help\mui\0C0A\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Windows\Help\Windows\en-US\backup.exeC:\Windows\Help\Windows\en-US\backup.exe C:\Windows\Help\Windows\en-US\1⤵
-
C:\Windows\Help\Windows\fr-FR\backup.exeC:\Windows\Help\Windows\fr-FR\backup.exe C:\Windows\Help\Windows\fr-FR\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.GroupPolicy.Reporting\2.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.GroupPolicy.Reporting\2.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.GroupPolicy.Reporting\2.0.0.0__31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_es_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_es_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_es_31bf3856ad364e35\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\it-IT\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\it-IT\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\it-IT\1⤵
-
C:\Windows\IME\imekr8\help\backup.exeC:\Windows\IME\imekr8\help\backup.exe C:\Windows\IME\imekr8\help\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_it_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_it_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_it_31bf3856ad364e35\1⤵
-
C:\Windows\IME\IMETC10\backup.exeC:\Windows\IME\IMETC10\backup.exe C:\Windows\IME\IMETC10\1⤵
-
C:\Windows\IME\IMETC10\HELP\backup.exeC:\Windows\IME\IMETC10\HELP\backup.exe C:\Windows\IME\IMETC10\HELP\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Windows\inf\ASP.NET\0000\backup.exeC:\Windows\inf\ASP.NET\0000\backup.exe C:\Windows\inf\ASP.NET\0000\1⤵
-
C:\Windows\inf\ASP.NET\0006\backup.exeC:\Windows\inf\ASP.NET\0006\backup.exe C:\Windows\inf\ASP.NET\0006\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\js\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\js\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\js\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\backup.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\backup.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1⤵
-
C:\Windows\inf\ASP.NET\0009\System Restore.exe"C:\Windows\inf\ASP.NET\0009\System Restore.exe" C:\Windows\inf\ASP.NET\0009\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter\data.exeC:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter\data.exe C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter\1⤵
-
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\data.exe"C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\data.exe" C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\1⤵
-
C:\Windows\inf\ASP.NET\000D\backup.exeC:\Windows\inf\ASP.NET\000D\backup.exe C:\Windows\inf\ASP.NET\000D\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.iTV\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.iTV\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.iTV\1⤵
-
C:\Program Files (x86)\Windows Sidebar\it-IT\backup.exe"C:\Program Files (x86)\Windows Sidebar\it-IT\backup.exe" C:\Program Files (x86)\Windows Sidebar\it-IT\1⤵
-
C:\Program Files (x86)\Windows Sidebar\ja-JP\backup.exe"C:\Program Files (x86)\Windows Sidebar\ja-JP\backup.exe" C:\Program Files (x86)\Windows Sidebar\ja-JP\1⤵
-
C:\Windows\inf\ASP.NET\0014\backup.exeC:\Windows\inf\ASP.NET\0014\backup.exe C:\Windows\inf\ASP.NET\0014\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\1⤵
-
C:\Windows\inf\ASP.NET\001D\backup.exeC:\Windows\inf\ASP.NET\001D\backup.exe C:\Windows\inf\ASP.NET\001D\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Sports\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Sports\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Sports\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Windows\inf\ASP.NET\0416\backup.exeC:\Windows\inf\ASP.NET\0416\backup.exe C:\Windows\inf\ASP.NET\0416\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Windows\inf\ASP.NET\0804\backup.exeC:\Windows\inf\ASP.NET\0804\backup.exe C:\Windows\inf\ASP.NET\0804\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Diagnostics\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Diagnostics\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Diagnostics\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\inf\ASP.NET_4.0.30319\0000\backup.exeC:\Windows\inf\ASP.NET_4.0.30319\0000\backup.exe C:\Windows\inf\ASP.NET_4.0.30319\0000\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime.Intl\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime.Intl\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime.Intl\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.RuntimeUi\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.RuntimeUi\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.RuntimeUi\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.RuntimeUi.Intl\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.RuntimeUi.Intl\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.RuntimeUi.Intl\1⤵
-
C:\Windows\inf\ASP.NET_4.0.30319\000A\backup.exeC:\Windows\inf\ASP.NET_4.0.30319\000A\backup.exe C:\Windows\inf\ASP.NET_4.0.30319\000A\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\2⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\5f1a06c0108b2c81cde1dc491d74043d\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\5f1a06c0108b2c81cde1dc491d74043d\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\5f1a06c0108b2c81cde1dc491d74043d\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\2⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\c359669d601990310a6b30ab5992ffa8\data.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\c359669d601990310a6b30ab5992ffa8\data.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\c359669d601990310a6b30ab5992ffa8\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\2⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\cdb429c8c7738b77dd919b4b917b2078\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\cdb429c8c7738b77dd919b4b917b2078\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\cdb429c8c7738b77dd919b4b917b2078\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\2⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\047c9c4a6b9dcd9d1985b95e0f4f1daa\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\047c9c4a6b9dcd9d1985b95e0f4f1daa\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\047c9c4a6b9dcd9d1985b95e0f4f1daa\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\2⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\af058f98427f47670e70468a36d84ee4\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\af058f98427f47670e70468a36d84ee4\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\af058f98427f47670e70468a36d84ee4\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\2⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\a415a146afc72f13f691f69a11ab5609\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\a415a146afc72f13f691f69a11ab5609\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\a415a146afc72f13f691f69a11ab5609\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\2⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\569e273efda8306ec7e22143d5285476\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\569e273efda8306ec7e22143d5285476\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\569e273efda8306ec7e22143d5285476\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCEx\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\MMCEx\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCEx\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\2⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\18e41c018ceff36c2512d12f570f0be7\data.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\18e41c018ceff36c2512d12f570f0be7\data.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\18e41c018ceff36c2512d12f570f0be7\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\MSBuild\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\MSBuild\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\System Restore.exe"C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\System Restore.exe" C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\2⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\c0a8f3f379d7a62a032783cc4e04a4dd\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\c0a8f3f379d7a62a032783cc4e04a4dd\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\c0a8f3f379d7a62a032783cc4e04a4dd\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\2⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\907f5045e26c39e1ae48024201b6334d\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\907f5045e26c39e1ae48024201b6334d\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\907f5045e26c39e1ae48024201b6334d\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.SyncServices.Intl\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.SyncServices.Intl\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.SyncServices.Intl\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools.AutoGen\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools.AutoGen\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools.AutoGen\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\AuditPolicyGPManage#\a0a453714c9ec8d6954490f711f5158a\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\AuditPolicyGPManage#\a0a453714c9ec8d6954490f711f5158a\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\AuditPolicyGPManage#\a0a453714c9ec8d6954490f711f5158a\1⤵
-
C:\Windows\inf\ASP.NET_4.0.30319\0013\System Restore.exe"C:\Windows\inf\ASP.NET_4.0.30319\0013\System Restore.exe" C:\Windows\inf\ASP.NET_4.0.30319\0013\1⤵
-
C:\Windows\inf\ASP.NET_4.0.30319\0014\update.exeC:\Windows\inf\ASP.NET_4.0.30319\0014\update.exe C:\Windows\inf\ASP.NET_4.0.30319\0014\1⤵
-
C:\Windows\inf\ASP.NET_4.0.30319\0015\backup.exeC:\Windows\inf\ASP.NET_4.0.30319\0015\backup.exe C:\Windows\inf\ASP.NET_4.0.30319\0015\1⤵
-
C:\Windows\inf\ASP.NET_4.0.30319\001F\backup.exeC:\Windows\inf\ASP.NET_4.0.30319\001F\backup.exe C:\Windows\inf\ASP.NET_4.0.30319\001F\1⤵
-
C:\Windows\inf\ASP.NET_4.0.30319\0404\backup.exeC:\Windows\inf\ASP.NET_4.0.30319\0404\backup.exe C:\Windows\inf\ASP.NET_4.0.30319\0404\1⤵
-
C:\Windows\inf\ASP.NET_4.0.30319\0804\update.exeC:\Windows\inf\ASP.NET_4.0.30319\0804\update.exe C:\Windows\inf\ASP.NET_4.0.30319\0804\1⤵
-
C:\Windows\inf\ASP.NET_4.0.30319\0816\backup.exeC:\Windows\inf\ASP.NET_4.0.30319\0816\backup.exe C:\Windows\inf\ASP.NET_4.0.30319\0816\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\dfsvc\2c3e7fda8de40e45e7f5e004094dc7c9\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\dfsvc\2c3e7fda8de40e45e7f5e004094dc7c9\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\dfsvc\2c3e7fda8de40e45e7f5e004094dc7c9\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\data.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\data.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\1⤵
-
C:\Windows\inf\aspnet_state\backup.exeC:\Windows\inf\aspnet_state\backup.exe C:\Windows\inf\aspnet_state\1⤵
-
C:\Windows\inf\aspnet_state\0006\backup.exeC:\Windows\inf\aspnet_state\0006\backup.exe C:\Windows\inf\aspnet_state\0006\2⤵
-
-
C:\Windows\inf\aspnet_state\0009\backup.exeC:\Windows\inf\aspnet_state\0009\backup.exe C:\Windows\inf\aspnet_state\0009\2⤵
-
-
C:\Windows\inf\aspnet_state\000D\backup.exeC:\Windows\inf\aspnet_state\000D\backup.exe C:\Windows\inf\aspnet_state\000D\2⤵
-
-
C:\Windows\inf\aspnet_state\0010\backup.exeC:\Windows\inf\aspnet_state\0010\backup.exe C:\Windows\inf\aspnet_state\0010\2⤵
-
-
C:\Windows\inf\aspnet_state\0012\backup.exeC:\Windows\inf\aspnet_state\0012\backup.exe C:\Windows\inf\aspnet_state\0012\2⤵
-
-
C:\Windows\inf\aspnet_state\0019\backup.exeC:\Windows\inf\aspnet_state\0019\backup.exe C:\Windows\inf\aspnet_state\0019\2⤵
-
-
C:\Windows\inf\aspnet_state\001F\backup.exeC:\Windows\inf\aspnet_state\001F\backup.exe C:\Windows\inf\aspnet_state\001F\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\c899de3549784161aa66610d5735e4f0\update.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\c899de3549784161aa66610d5735e4f0\update.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\c899de3549784161aa66610d5735e4f0\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\e05e6f6ef788b8973bbedf258216c972\data.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\e05e6f6ef788b8973bbedf258216c972\data.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\e05e6f6ef788b8973bbedf258216c972\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access.Dao\data.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access.Dao\data.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access.Dao\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access.Dao\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access.Dao\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access.Dao\14.0.0.0__71e9bce111e9429c\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.InfoPath\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.InfoPath\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.InfoPath\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OneNote\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OneNote\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OneNote\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\inf\BITS\0407\backup.exeC:\Windows\inf\BITS\0407\backup.exe C:\Windows\inf\BITS\0407\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\inf\BITS\040C\backup.exeC:\Windows\inf\BITS\040C\backup.exe C:\Windows\inf\BITS\040C\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OutlookViewCtl\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OutlookViewCtl\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OutlookViewCtl\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\inf\BITS\0411\backup.exeC:\Windows\inf\BITS\0411\backup.exe C:\Windows\inf\BITS\0411\1⤵
-
C:\Windows\inf\ESENT\0409\backup.exeC:\Windows\inf\ESENT\0409\backup.exe C:\Windows\inf\ESENT\0409\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\42c8856d883c21388965cd6c8a8b54a1\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\42c8856d883c21388965cd6c8a8b54a1\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\42c8856d883c21388965cd6c8a8b54a1\1⤵
-
C:\Windows\inf\ESENT\040C\backup.exeC:\Windows\inf\ESENT\040C\backup.exe C:\Windows\inf\ESENT\040C\1⤵
-
C:\Windows\inf\ESENT\0410\backup.exeC:\Windows\inf\ESENT\0410\backup.exe C:\Windows\inf\ESENT\0410\1⤵
-
C:\Windows\inf\ESENT\0411\System Restore.exe"C:\Windows\inf\ESENT\0411\System Restore.exe" C:\Windows\inf\ESENT\0411\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Tools.v9.0\9.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Office.Tools.v9.0\9.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Tools.v9.0\9.0.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Windows\inf\MSDTC\0000\backup.exeC:\Windows\inf\MSDTC\0000\backup.exe C:\Windows\inf\MSDTC\0000\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_es_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_es_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_es_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_it_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_it_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_it_31bf3856ad364e35\1⤵
-
C:\Windows\inf\MSDTC Bridge 3.0.0.0\0407\backup.exe"C:\Windows\inf\MSDTC Bridge 3.0.0.0\0407\backup.exe" C:\Windows\inf\MSDTC Bridge 3.0.0.0\0407\1⤵
-
C:\Windows\inf\MSDTC Bridge 3.0.0.0\0409\backup.exe"C:\Windows\inf\MSDTC Bridge 3.0.0.0\0409\backup.exe" C:\Windows\inf\MSDTC Bridge 3.0.0.0\0409\1⤵
-
C:\Windows\inf\MSDTC Bridge 3.0.0.0\0410\backup.exe"C:\Windows\inf\MSDTC Bridge 3.0.0.0\0410\backup.exe" C:\Windows\inf\MSDTC Bridge 3.0.0.0\0410\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\4aea15334e123949e180d21d22095b1d\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\4aea15334e123949e180d21d22095b1d\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\4aea15334e123949e180d21d22095b1d\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\ff7aa68fbf75e4b7ca80813225c3db01\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\ff7aa68fbf75e4b7ca80813225c3db01\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\ff7aa68fbf75e4b7ca80813225c3db01\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_es_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_es_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_es_31bf3856ad364e35\1⤵
-
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0005\backup.exe"C:\Windows\inf\MSDTC Bridge 4.0.0.0\0005\backup.exe" C:\Windows\inf\MSDTC Bridge 4.0.0.0\0005\1⤵
-
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0006\backup.exe"C:\Windows\inf\MSDTC Bridge 4.0.0.0\0006\backup.exe" C:\Windows\inf\MSDTC Bridge 4.0.0.0\0006\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_ja_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_ja_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_ja_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6cc1334749f85cce651642f0a8260892\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6cc1334749f85cce651642f0a8260892\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6cc1334749f85cce651642f0a8260892\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8ce205027e30804d1b2deaffa0582735\System Restore.exe"C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8ce205027e30804d1b2deaffa0582735\System Restore.exe" C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8ce205027e30804d1b2deaffa0582735\1⤵
-
C:\Windows\inf\MSDTC Bridge 4.0.0.0\000B\backup.exe"C:\Windows\inf\MSDTC Bridge 4.0.0.0\000B\backup.exe" C:\Windows\inf\MSDTC Bridge 4.0.0.0\000B\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\e998eeb1548ffd53b39dcde50d196ab7\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\e998eeb1548ffd53b39dcde50d196ab7\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\e998eeb1548ffd53b39dcde50d196ab7\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_it_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_it_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_it_31bf3856ad364e35\1⤵
-
C:\Windows\inf\MSDTC Bridge 4.0.0.0\000D\backup.exe"C:\Windows\inf\MSDTC Bridge 4.0.0.0\000D\backup.exe" C:\Windows\inf\MSDTC Bridge 4.0.0.0\000D\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_ja_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_ja_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_ja_31bf3856ad364e35\1⤵
-
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0010\backup.exe"C:\Windows\inf\MSDTC Bridge 4.0.0.0\0010\backup.exe" C:\Windows\inf\MSDTC Bridge 4.0.0.0\0010\1⤵
-
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0012\backup.exe"C:\Windows\inf\MSDTC Bridge 4.0.0.0\0012\backup.exe" C:\Windows\inf\MSDTC Bridge 4.0.0.0\0012\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_de_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_de_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_de_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_fr_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_fr_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_fr_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_it_31bf3856ad364e35\update.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_it_31bf3856ad364e35\update.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_it_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\08d608378aa405adc844f3cf36974b8c\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\08d608378aa405adc844f3cf36974b8c\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\08d608378aa405adc844f3cf36974b8c\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_en_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_en_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_en_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_fr_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_fr_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_fr_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_ja_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_ja_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_ja_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\0a5d39e601d2512b483a56408c3cec05\update.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\0a5d39e601d2512b483a56408c3cec05\update.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\0a5d39e601d2512b483a56408c3cec05\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.Resources\1.0.0.0_fr_31bf3856ad364e35\System Restore.exe"C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.Resources\1.0.0.0_fr_31bf3856ad364e35\System Restore.exe" C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.Resources\1.0.0.0_fr_31bf3856ad364e35\1⤵
-
C:\Windows\inf\PNRPSvc\0409\backup.exeC:\Windows\inf\PNRPSvc\0409\backup.exe C:\Windows\inf\PNRPSvc\0409\1⤵
-
C:\Windows\inf\PNRPSvc\0410\backup.exeC:\Windows\inf\PNRPSvc\0410\backup.exe C:\Windows\inf\PNRPSvc\0410\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_de_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_de_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_de_31bf3856ad364e35\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_es_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_es_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_es_31bf3856ad364e35\2⤵
-
-
C:\Windows\inf\PNRPSvc\0411\backup.exeC:\Windows\inf\PNRPSvc\0411\backup.exe C:\Windows\inf\PNRPSvc\0411\1⤵
-
C:\Windows\inf\PNRPSvc\0C0A\backup.exeC:\Windows\inf\PNRPSvc\0C0A\backup.exe C:\Windows\inf\PNRPSvc\0C0A\1⤵
-
C:\Windows\inf\rdyboost\backup.exeC:\Windows\inf\rdyboost\backup.exe C:\Windows\inf\rdyboost\1⤵
-
C:\Windows\inf\rdyboost\0000\backup.exeC:\Windows\inf\rdyboost\0000\backup.exe C:\Windows\inf\rdyboost\0000\2⤵
-
-
C:\Windows\inf\rdyboost\0407\backup.exeC:\Windows\inf\rdyboost\0407\backup.exe C:\Windows\inf\rdyboost\0407\2⤵
-
-
C:\Windows\inf\rdyboost\0C0A\backup.exeC:\Windows\inf\rdyboost\0C0A\backup.exe C:\Windows\inf\rdyboost\0C0A\2⤵
-
-
C:\Windows\inf\RemoteAccess\backup.exeC:\Windows\inf\RemoteAccess\backup.exe C:\Windows\inf\RemoteAccess\1⤵
-
C:\Windows\inf\RemoteAccess\0410\backup.exeC:\Windows\inf\RemoteAccess\0410\backup.exe C:\Windows\inf\RemoteAccess\0410\2⤵
-
-
C:\Windows\inf\RemoteAccess\0411\update.exeC:\Windows\inf\RemoteAccess\0411\update.exe C:\Windows\inf\RemoteAccess\0411\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.Resources\1.0.0.0_it_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.Resources\1.0.0.0_it_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.Resources\1.0.0.0_it_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\napinit\6a657f2f518f97b282702fce20033459\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\napinit\6a657f2f518f97b282702fce20033459\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\napinit\6a657f2f518f97b282702fce20033459\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\napsnap\f64692e58aa1a7116024bf3c3cbd1352\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\napsnap\f64692e58aa1a7116024bf3c3cbd1352\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\napsnap\f64692e58aa1a7116024bf3c3cbd1352\1⤵
-
C:\Windows\inf\ServiceModelEndpoint 3.0.0.0\0000\backup.exe"C:\Windows\inf\ServiceModelEndpoint 3.0.0.0\0000\backup.exe" C:\Windows\inf\ServiceModelEndpoint 3.0.0.0\0000\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.Resources\6.1.0.0_it_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.Resources\6.1.0.0_it_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.Resources\6.1.0.0_it_31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources\6.1.0.0_it_31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources\6.1.0.0_it_31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources\6.1.0.0_it_31bf3856ad364e35\2⤵
-
-
C:\Windows\inf\ServiceModelOperation 3.0.0.0\0407\backup.exe"C:\Windows\inf\ServiceModelOperation 3.0.0.0\0407\backup.exe" C:\Windows\inf\ServiceModelOperation 3.0.0.0\0407\1⤵
-
C:\Windows\inf\ServiceModelOperation 3.0.0.0\0409\backup.exe"C:\Windows\inf\ServiceModelOperation 3.0.0.0\0409\backup.exe" C:\Windows\inf\ServiceModelOperation 3.0.0.0\0409\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0e5bae8f265fbbbf53e8ca79d159cd6d\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0e5bae8f265fbbbf53e8ca79d159cd6d\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0e5bae8f265fbbbf53e8ca79d159cd6d\1⤵
-
C:\Windows\inf\ServiceModelOperation 3.0.0.0\0C0A\System Restore.exe"C:\Windows\inf\ServiceModelOperation 3.0.0.0\0C0A\System Restore.exe" C:\Windows\inf\ServiceModelOperation 3.0.0.0\0C0A\1⤵
-
C:\Windows\inf\ServiceModelService 3.0.0.0\0409\update.exe"C:\Windows\inf\ServiceModelService 3.0.0.0\0409\update.exe" C:\Windows\inf\ServiceModelService 3.0.0.0\0409\1⤵
-
C:\Windows\inf\SMSvcHost 3.0.0.0\backup.exe"C:\Windows\inf\SMSvcHost 3.0.0.0\backup.exe" C:\Windows\inf\SMSvcHost 3.0.0.0\1⤵
-
C:\Windows\inf\SMSvcHost 3.0.0.0\040C\backup.exe"C:\Windows\inf\SMSvcHost 3.0.0.0\040C\backup.exe" C:\Windows\inf\SMSvcHost 3.0.0.0\040C\2⤵
-
-
C:\Windows\inf\SMSvcHost 3.0.0.0\0411\backup.exe"C:\Windows\inf\SMSvcHost 3.0.0.0\0411\backup.exe" C:\Windows\inf\SMSvcHost 3.0.0.0\0411\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\SecurityAuditPolici#\0d274000ebb641e36382e2f19bb64f4e\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\SecurityAuditPolici#\0d274000ebb641e36382e2f19bb64f4e\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\SecurityAuditPolici#\0d274000ebb641e36382e2f19bb64f4e\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard\6.1.0.0__31bf3856ad364e35\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard\6.1.0.0__31bf3856ad364e35\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard\6.1.0.0__31bf3856ad364e35\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\6.1.0.0_en_31bf3856ad364e35\System Restore.exe"C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\6.1.0.0_en_31bf3856ad364e35\System Restore.exe" C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\6.1.0.0_en_31bf3856ad364e35\2⤵
-
-
C:\Windows\inf\SMSvcHost 4.0.0.0\backup.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\backup.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\1⤵
-
C:\Windows\inf\SMSvcHost 4.0.0.0\0007\backup.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\0007\backup.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\0007\2⤵
-
-
C:\Windows\inf\SMSvcHost 4.0.0.0\000B\backup.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\000B\backup.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\000B\2⤵
-
-
C:\Windows\inf\SMSvcHost 4.0.0.0\000C\backup.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\000C\backup.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\000C\2⤵
-
-
C:\Windows\inf\SMSvcHost 4.0.0.0\0010\backup.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\0010\backup.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\0010\2⤵
-
-
C:\Windows\inf\SMSvcHost 4.0.0.0\0013\backup.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\0013\backup.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\0013\2⤵
-
-
C:\Windows\inf\SMSvcHost 4.0.0.0\0014\backup.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\0014\backup.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\0014\2⤵
-
-
C:\Windows\inf\SMSvcHost 4.0.0.0\0015\System Restore.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\0015\System Restore.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\0015\2⤵
-
-
C:\Windows\inf\SMSvcHost 4.0.0.0\001F\backup.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\001F\backup.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\001F\2⤵
-
-
C:\Windows\inf\SMSvcHost 4.0.0.0\0404\backup.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\0404\backup.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\0404\2⤵
-
-
C:\Windows\inf\SMSvcHost 4.0.0.0\0416\backup.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\0416\backup.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\0416\2⤵
-
-
C:\Windows\inf\SMSvcHost 4.0.0.0\0804\backup.exe"C:\Windows\inf\SMSvcHost 4.0.0.0\0804\backup.exe" C:\Windows\inf\SMSvcHost 4.0.0.0\0804\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\29c55874e34f9d5cd3ea739262f48adc\System Restore.exe"C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\29c55874e34f9d5cd3ea739262f48adc\System Restore.exe" C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\29c55874e34f9d5cd3ea739262f48adc\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.SqlServerCe\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.SqlServerCe\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.SqlServerCe\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Tpm\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Tpm\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Tpm\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f02737c83305687a68c088927a6c5a98\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f02737c83305687a68c088927a6c5a98\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f02737c83305687a68c088927a6c5a98\1⤵
-
C:\Windows\Logs\backup.exeC:\Windows\Logs\backup.exe C:\Windows\Logs\1⤵
-
C:\Windows\Logs\HomeGroup\backup.exeC:\Windows\Logs\HomeGroup\backup.exe C:\Windows\Logs\HomeGroup\2⤵
-
-
C:\Windows\inf\TAPISRV\backup.exeC:\Windows\inf\TAPISRV\backup.exe C:\Windows\inf\TAPISRV\1⤵
-
C:\Windows\inf\TermService\backup.exeC:\Windows\inf\TermService\backup.exe C:\Windows\inf\TermService\1⤵
-
C:\Windows\Media\backup.exeC:\Windows\Media\backup.exe C:\Windows\Media\1⤵
-
C:\Windows\Media\Afternoon\backup.exeC:\Windows\Media\Afternoon\backup.exe C:\Windows\Media\Afternoon\2⤵
-
-
C:\Windows\Media\Calligraphy\backup.exeC:\Windows\Media\Calligraphy\backup.exe C:\Windows\Media\Calligraphy\2⤵
-
-
C:\Windows\Media\Cityscape\backup.exeC:\Windows\Media\Cityscape\backup.exe C:\Windows\Media\Cityscape\2⤵
-
-
C:\Windows\Media\Festival\System Restore.exe"C:\Windows\Media\Festival\System Restore.exe" C:\Windows\Media\Festival\2⤵
-
-
C:\Windows\Media\Raga\backup.exeC:\Windows\Media\Raga\backup.exe C:\Windows\Media\Raga\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_de_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_de_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_de_b03f5f7f11d50a3a\1⤵
-
C:\Windows\inf\UGatherer\0410\data.exeC:\Windows\inf\UGatherer\0410\data.exe C:\Windows\inf\UGatherer\0410\1⤵
-
C:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_it_b03f5f7f11d50a3a\System Restore.exe"C:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_it_b03f5f7f11d50a3a\System Restore.exe" C:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_it_b03f5f7f11d50a3a\1⤵
-
C:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_ja_b03f5f7f11d50a3a\update.exeC:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_ja_b03f5f7f11d50a3a\update.exe C:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_ja_b03f5f7f11d50a3a\1⤵
-
C:\Windows\Microsoft.NET\assembly\backup.exeC:\Windows\Microsoft.NET\assembly\backup.exe C:\Windows\Microsoft.NET\assembly\1⤵
-
C:\Windows\Microsoft.NET\assembly\GAC_32\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_32\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_32\2⤵
-
C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\3⤵
-
-
C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\3⤵
-
-
C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\3⤵
-
-
C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\3⤵
-
-
C:\Windows\Microsoft.NET\assembly\GAC_32\System.Printing\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_32\System.Printing\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_32\System.Printing\3⤵
-
C:\Windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\4⤵
-
-
-
-
C:\Windows\Microsoft.NET\assembly\GAC_64\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_64\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_64\2⤵
-
C:\Windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\3⤵
-
-
C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\3⤵
-
C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\4⤵
-
-
-
C:\Windows\Microsoft.NET\assembly\GAC_64\mscorlib\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_64\mscorlib\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_64\mscorlib\3⤵
-
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\4308c2310ca6f08c6e0068172e5b709f\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\4308c2310ca6f08c6e0068172e5b709f\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\4308c2310ca6f08c6e0068172e5b709f\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.Vbe.Interop\14.0.0.0__71e9bce111e9429c\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.Vbe.Interop\14.0.0.0__71e9bce111e9429c\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.Vbe.Interop\14.0.0.0__71e9bce111e9429c\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\Accessibility\data.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\Accessibility\data.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\Accessibility\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\AuditPolicyGPManage#\ce8c100b866ac8facc1902286aede990\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\AuditPolicyGPManage#\ce8c100b866ac8facc1902286aede990\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\AuditPolicyGPManage#\ce8c100b866ac8facc1902286aede990\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\1⤵
-
C:\Windows\inf\UGTHRSVC\0C0A\backup.exeC:\Windows\inf\UGTHRSVC\0C0A\backup.exe C:\Windows\inf\UGTHRSVC\0C0A\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\1⤵
-
C:\Windows\inf\usbhub\backup.exeC:\Windows\inf\usbhub\backup.exe C:\Windows\inf\usbhub\1⤵
-
C:\Windows\inf\usbhub\0000\data.exeC:\Windows\inf\usbhub\0000\data.exe C:\Windows\inf\usbhub\0000\2⤵
-
-
C:\Windows\inf\usbhub\0410\backup.exeC:\Windows\inf\usbhub\0410\backup.exe C:\Windows\inf\usbhub\0410\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\d632b7434f821829827657e23ac98589\System Restore.exe"C:\Windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\d632b7434f821829827657e23ac98589\System Restore.exe" C:\Windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\d632b7434f821829827657e23ac98589\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ced847eb933ffee8e1a2e738205916ce\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ced847eb933ffee8e1a2e738205916ce\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ced847eb933ffee8e1a2e738205916ce\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\e41fccd68a6543f2528f6f6118f5f7e2\data.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\e41fccd68a6543f2528f6f6118f5f7e2\data.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\e41fccd68a6543f2528f6f6118f5f7e2\2⤵
-
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\dfsvc\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\dfsvc\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\dfsvc\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\ehCIR\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\ehCIR\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\ehCIR\1⤵
-
C:\Windows\assembly\GAC_MSIL\MICROSOFT.VISUALBASIC.COMPATIBILITY.resources\backup.exeC:\Windows\assembly\GAC_MSIL\MICROSOFT.VISUALBASIC.COMPATIBILITY.resources\backup.exe C:\Windows\assembly\GAC_MSIL\MICROSOFT.VISUALBASIC.COMPATIBILITY.resources\1⤵
-
C:\Windows\assembly\GAC_MSIL\MICROSOFT.VISUALBASIC.COMPATIBILITY.resources\8.0.0.0_es_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\MICROSOFT.VISUALBASIC.COMPATIBILITY.resources\8.0.0.0_es_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\MICROSOFT.VISUALBASIC.COMPATIBILITY.resources\8.0.0.0_es_b03f5f7f11d50a3a\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\MICROSOFT.VISUALBASIC.COMPATIBILITY.resources\8.0.0.0_it_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\MICROSOFT.VISUALBASIC.COMPATIBILITY.resources\8.0.0.0_it_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\MICROSOFT.VISUALBASIC.COMPATIBILITY.resources\8.0.0.0_it_b03f5f7f11d50a3a\2⤵
-
-
C:\Windows\inf\Windows Workflow Foundation 3.0.0.0\0410\backup.exe"C:\Windows\inf\Windows Workflow Foundation 3.0.0.0\0410\backup.exe" C:\Windows\inf\Windows Workflow Foundation 3.0.0.0\0410\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\99c61751c71078d92ff372495bc38fc3\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\99c61751c71078d92ff372495bc38fc3\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\99c61751c71078d92ff372495bc38fc3\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\1⤵
-
C:\Windows\inf\Windows Workflow Foundation 3.0.0.0\0C0A\backup.exe"C:\Windows\inf\Windows Workflow Foundation 3.0.0.0\0C0A\backup.exe" C:\Windows\inf\Windows Workflow Foundation 3.0.0.0\0C0A\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\19837bdc62b7667aba81364142e3565a\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\19837bdc62b7667aba81364142e3565a\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\19837bdc62b7667aba81364142e3565a\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\4a7ec1155d9e9e4b40889b171d16a577\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\4a7ec1155d9e9e4b40889b171d16a577\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\4a7ec1155d9e9e4b40889b171d16a577\2⤵
-
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_de_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_de_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_de_b03f5f7f11d50a3a\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\1⤵
-
C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\50691bdee045a2df00f00ac461844c5f\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\50691bdee045a2df00f00ac461844c5f\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\50691bdee045a2df00f00ac461844c5f\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_ja_b03f5f7f11d50a3a\update.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_ja_b03f5f7f11d50a3a\update.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_ja_b03f5f7f11d50a3a\1⤵
-
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0009\backup.exe"C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0009\backup.exe" C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0009\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\17e443d6c643b83137beb310adee3c48\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\17e443d6c643b83137beb310adee3c48\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\17e443d6c643b83137beb310adee3c48\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1⤵
-
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\000B\backup.exe"C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\000B\backup.exe" C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\000B\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\8.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\8.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\8.0.0.0__b03f5f7f11d50a3a\2⤵
-
-
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\000D\backup.exe"C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\000D\backup.exe" C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\000D\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\9f570489c98c93a79f0fd793586afdc6\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\9f570489c98c93a79f0fd793586afdc6\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\9f570489c98c93a79f0fd793586afdc6\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Printing\aac5817d96d0ddcffebc1c45000e9008\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Printing\aac5817d96d0ddcffebc1c45000e9008\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Printing\aac5817d96d0ddcffebc1c45000e9008\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\b253aa4b8000e29b2fb725e4f7b8bc7c\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\b253aa4b8000e29b2fb725e4f7b8bc7c\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\b253aa4b8000e29b2fb725e4f7b8bc7c\2⤵
-
-
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0011\backup.exe"C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0011\backup.exe" C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0011\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0\System Restore.exe"C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0\System Restore.exe" C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\ehshell\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\ehshell\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\ehshell\1⤵
-
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\backup.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\backup.exe C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\1⤵
-
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\001D\backup.exe"C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\001D\backup.exe" C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\001D\1⤵
-
C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\backup.exeC:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\backup.exe C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\EventViewer\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\EventViewer\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\EventViewer\1⤵
-
C:\Windows\assembly\NativeImages_v2.0.50727_64\EventViewer\21464de9aa1dce17c1f42044129a986e\backup.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\EventViewer\21464de9aa1dce17c1f42044129a986e\backup.exe C:\Windows\assembly\NativeImages_v2.0.50727_64\EventViewer\21464de9aa1dce17c1f42044129a986e\2⤵
-
-
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0416\backup.exe"C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0416\backup.exe" C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0416\1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
MD52ad8071cc4880f9929fa10b86cf8c2d9
SHA10e7e5a6799d244dcb9d2fc1c81298d330cdf71c9
SHA256b14772b715ab1245abdead3237c9788627f1d79b5764a453321608b589edeffa
SHA512f5eab75d920ac79ddd143ea3c115173d49608e05fb5868f14b2ffc6d32ae25de6a6c425d7af03fb3b5636794f22801bbd4dbcb12624d2b1c387897dca9f1a303
-
Filesize
72KB
MD509ec2496c6d2096068702b4d96df7861
SHA1b38e4b96823863b5b698c5de9014ba399d23c4a8
SHA256cf910af4e9f6d1f4d625b8cc37d7db3c8743d0d0e6edeb63b10e5ea6b529bb7c
SHA5127c2bdbd3ed4d824967895a25d373c5ee2f7d2a69fac77d156a28a2e09e1b30a09e89c3830c47b57026ca9042b08b4422ac8a0de66f58addb23c24f1efa8b7885
-
Filesize
21KB
MD5d7d35beac7126621d7aa8ff4eb7acdfd
SHA15ea2a432be22853e74f77b027d2cf14e723fe957
SHA256b54315951bb83440463b10d977d32bb59c400eeb797e3a9d9f38abd584e0bd58
SHA5121a22082fc1b1fc28d4ece3c886e4100f189a86edcfaffcd541a6d2ab863ae70e097593716087317edfcb7c4bae17c60e72151052b2c864d54488fc96b89bb135
-
Filesize
22B
MD576cdb2bad9582d23c1f6f4d868218d6c
SHA1b04f3ee8f5e43fa3b162981b50bb72fe1acabb33
SHA2568739c76e681f900923b900c9df0ef75cf421d39cabb54650c4b9ad19b6a76d85
SHA5125e2f959f36b66df0580a94f384c5fc1ceeec4b2a3925f062d7b68f21758b86581ac2adcfdde73a171a28496e758ef1b23ca4951c05455cdae9357cc3b5a5825f
-
Filesize
72KB
MD5ea6847c604f4946f106302c682ea000d
SHA139549c3011b063ba34d110b68af344574a3cbc33
SHA256b1b89db9679f8f3dae113e18147ba77f63e8c098e003741130457cea8aeb7c6e
SHA51277a6d0eb2a33dc50d899574c8dc4a967fefe6ac8cb8d9c051843e68286a4c9c9bdc68f4afe190d25085da00c9cfae316a57aa08a65c8029a9e7317bf0bd32463
-
Filesize
72KB
MD5377610284b88475800b507407f443a1a
SHA18408e25774ada99d5e6c3d09c40f78a700015bdd
SHA256a31d7320535eefffb22423f7ef36ff0e1ae56cea8a2f2925b97671d9751d4170
SHA512a436cb060302fccde1629f589422f89d0354a662586d51fbe8b4d837c864b0a4d7a8dbf62bae3aa818a4edd9d5e17c6af744ba0b945289688d540d2726a11970
-
Filesize
72KB
MD5a5962b96a944b5b09de8685aec68b594
SHA178f3e3c381c74a52eda6d5baaaa66beef0cfcb29
SHA2564e550e303233ada96fe2e32db80a3406fc791f07db6bbabca041baa4f9610d38
SHA5128b022b069d86ca12429419ee160425dae49863c8879dbe20fe29fd08d9b776d369764f18502f45e2071eba2368f8b0b097edd95ebae689bd8eb659de9572a251
-
Filesize
72KB
MD51c25780e2457261eaf552a41a2b5036d
SHA16ffbf3bce82d6de7a717dd4f8ba3493f7ea474e7
SHA25600f7ad377dea4a6d690643b29a9fbc9cfd6c3fd5fb33ffe92df9d1bd03ff3512
SHA512efff857dbbad2d21b68bc5d414c4b13d6db7e902aa59f7cdaca2a5e55cf9f2446d6eaddcce774a8d035b08afabd8dd33455c047327d2b0bdc334de3902c171aa
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
1.1MB
-
Filesize
1.1MB
-
Filesize
1000KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB