Source: WINWORD.EXE | String found in binary or memory: file:/// |
Source: WINWORD.EXE | String found in binary or memory: file:///C: |
Source: WINWORD.EXE | String found in binary or memory: file:///C:/Users/user/Desktop/DoNotOpen2.doc |
Source: WINWORD.EXE | String found in binary or memory: file:///C:/Users/user/Desktop/DoNotOpen2.docE |
Source: WINWORD.EXE | String found in binary or memory: file:///C:/Users/user/Desktop/DoNotOpen2.docO |
Source: explorer.exe | String found in binary or memory: file:///C:/Users/user/Documents |
Source: explorer.exe | String found in binary or memory: file:///C:/Users/user/Documentsrs |
Source: iexplore.exe | String found in binary or memory: http:// |
Source: iexplore.exe | String found in binary or memory: http://%s |
Source: iexplore.exe | String found in binary or memory: http://%sConnectType |
Source: iexplore.exe | String found in binary or memory: http://103.236.150.14 |
Source: iexplore.exe | String found in binary or memory: http://103.236.150.14192.168.1.16 |
Source: iexplore.exe | String found in binary or memory: http://api.ipaddress.com/myip?format=txt |
Source: iexplore.exe | String found in binary or memory: http://api.ipaddress.com/myip?format=txt1 |
Source: iexplore.exe | String found in binary or memory: http://https://: |
Source: iexplore.exe | String found in binary or memory: http://https://Try |
Source: WINWORD.EXE | String found in binary or memory: http://schemas.openx |
Source: WINWORD.EXE | String found in binary or memory: http://schemas.openxDV |
Source: WINWORD.EXE | String found in binary or memory: http://schemas.openxmlformat |
Source: WINWORD.EXE | String found in binary or memory: http://schemas.openxmlformatDV |
Source: explorer.exe | String found in binary or memory: http://wellformedweb.org/CommentAPI/ |
Source: WINWORD.EXE | String found in binary or memory: http://www. |
Source: explorer.exe | String found in binary or memory: http://www.%s.comPA |
Source: WINWORD.EXE | String found in binary or memory: http://www.msnusers.com |
Source: iexplore.exe | String found in binary or memory: https:// |
Source: iexplore.exe | String found in binary or memory: https://%s |
Source: iexplore.exe | String found in binary or memory: https://%sTry |
Source: explorer.exe | String found in binary or memory: https://en.wikipedia.org/wiki/XSLT/Muenchian_grouping |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Registry value created or modified: HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Run IAStorD |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Registry value created or modified: HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Run IAStorD |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Registry value created or modified: HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Run IAStorD |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Registry value created or modified: HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Run IAStorD |
Source: C:\Windows\explorer.exe | Key value created or modified: C:\Users\user\Documents |
Source: C:\Windows\explorer.exe | Key value created or modified: C:\Users\user\Documents |
Source: C:\Windows\explorer.exe | Key value created or modified: C:\Users\Public\Documents |
Source: C:\Windows\explorer.exe | Key value created or modified: C:\Users\user\Documents |
Source: C:\Windows\explorer.exe | Key value created or modified: C:\Users\user\Documents\QLSSZNHVJI |
Source: unknown | Process created: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE 'C:\Program Files\Microsoft Office\Office14\WINWORD.EXE' /n 'C:\Users\user\Desktop\DoNotOpen2.doc |
Source: unknown | Process created: C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE 'C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE' -Embedding |
Source: unknown | Process created: C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe |
Source: unknown | Process created: C:\Windows\explorer.exe explorer.exe C:\Windows\system32\rundll32.exe C:\Users\user\AppData\Roaming\Microsoft\Windows\Caches\NavShExt.dll,Setting |
Source: unknown | Process created: C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE 'C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE' -Embedding |
Source: unknown | Process created: C:\Windows\explorer.exe C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding |
Source: C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE | Process created: C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe |
Source: C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE | Code function: 2_2_617B223D | 2_2_617B223D |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F13F5 | 3_2_004F13F5 |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_00513ABC | 3_2_00513ABC |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_00519361 | 3_2_00519361 |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_00519958 | 3_2_00519958 |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_005186ED | 3_2_005186ED |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_00519591 | 3_2_00519591 |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_00518EF8 | 3_2_00518EF8 |
Source: C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE | Code function: 2_2_617B223D Setting,IsDebuggerPresent,CreateMutexA,GetLastError,CloseHandle,CloseHandle,memset,SHGetSpecialFolderPathA,memset,MultiByteToWideChar,GetModuleHandleW,GetProcAddress,GetProcAddress,CreateProcessA,memset,GetModuleFileNameA,GetProcAddress,GetProcAddress,VirtualAllocEx,WriteProcessMemory,GetProcAddress,CreateRemoteThread,WaitForSingleObject,WaitForSingleObject,GetExitCodeThread,CreateRemoteThread,WaitForSingleObject,VirtualFreeEx,CloseHandle, | 2_2_617B223D |
Source: C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE | Code function: 2_2_617B223D Setting,IsDebuggerPresent,CreateMutexA,GetLastError,CloseHandle,CloseHandle,memset,SHGetSpecialFolderPathA,memset,MultiByteToWideChar,GetModuleHandleW,GetProcAddress,GetProcAddress,CreateProcessA,memset,GetModuleFileNameA,GetProcAddress,GetProcAddress,VirtualAllocEx,WriteProcessMemory,GetProcAddress,CreateRemoteThread,WaitForSingleObject,WaitForSingleObject,GetExitCodeThread,CreateRemoteThread,WaitForSingleObject,VirtualFreeEx,CloseHandle, | 2_2_617B223D |
Source: C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE | Code function: 2_2_617B2860 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, | 2_2_617B2860 |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F32A0 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, | 3_2_004F32A0 |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_0051A460 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, | 3_2_0051A460 |
Source: C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE | Code function: 2_2_617B223D Setting,IsDebuggerPresent,CreateMutexA,GetLastError,CloseHandle,CloseHandle,memset,SHGetSpecialFolderPathA,memset,MultiByteToWideChar,GetModuleHandleW,GetProcAddress,GetProcAddress,CreateProcessA,memset,GetModuleFileNameA,GetProcAddress,GetProcAddress,VirtualAllocEx,WriteProcessMemory,GetProcAddress,CreateRemoteThread,WaitForSingleObject,WaitForSingleObject,GetExitCodeThread,CreateRemoteThread,WaitForSingleObject,VirtualFreeEx,CloseHandle, | 2_2_617B223D |
Source: iexplore.exe | Binary or memory string: vmtools.exe |
Source: iexplore.exe | Binary or memory string: SYSTEM\ControlSet001\services\Disk\Enum0x3A RegOpenKeyExW Disk Failed-%d0vmwareqemuvboxvirtualhdSoftware\CommViewSoftware\eEye Digital SecuritySoftware\Win SnifferSoftware\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\APIS32Software\Syser SoftSoftware\Classes\Folder\shell\sandboxSoftware\Classes\*\shell\sandboxSYSTEM\CurrentControlSet\Services\IRIS5SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiresharkSOFTWARE\ZxSnifferSYSTEM\CurrentControlSet\Services\VBoxGuestSOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Oracle VM VirtualBox Guest AdditionsSOFTWARE\Microsoft\Windows\CurrentVersion\UninstallSandboxie%svboxtray.exevboxservice.exevmwareuser.exevmwaretray.exevmupgradehelper.exevmtoolsd.exevmacthlp.exevmtools.exeirise.exeIrisSvc.exewireshark.exeZxSniffer.exeRegshot.exeollydbg.exewindbg.exePEBrowseDbg.exeSyser.exeSandboxieRpcSs.exeSandboxieDcomLaunch.exe%02X%02X%02X%02X%02X%02X 000569000C29001C1400505600155D00163E080027H |
Source: iexplore.exe | Binary or memory string: SYSTEM\CurrentControlSet\Services\VBoxGuest |
Source: iexplore.exe | Binary or memory string: vmware |
Source: iexplore.exe | Binary or memory string: vmwaretray.exe |
Source: iexplore.exe | Binary or memory string: vmwareuser.exe |
Source: iexplore.exe | Binary or memory string: vmtoolsd.exe |
Source: iexplore.exe | Binary or memory string: vboxservice.exe |
Source: iexplore.exe | Binary or memory string: vboxtray.exe |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: ??2@YAPAXI@Z,memset,GetAdaptersInfo,??3@YAXPAX@Z,??2@YAPAXI@Z,GetAdaptersInfo,memset,___swprintf_l,??3@YAXPAX@Z,strstr,strstr,strstr,strstr,strstr,strstr,strstr, | 3_2_004F2FA1 |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: ??2@YAPAXI@Z,GetAdaptersInfo,??3@YAXPAX@Z,??2@YAPAXI@Z,GetAdaptersInfo,??3@YAXPAX@Z,___swprintf_l,realloc,___swprintf_l,___swprintf_l,realloc,___swprintf_l,realloc,___swprintf_l,??3@YAXPAX@Z, | 3_2_005177AB |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: ??2@YAPAXI@Z,GetAdaptersInfo,??3@YAXPAX@Z,??2@YAPAXI@Z,GetAdaptersInfo,??3@YAXPAX@Z, | 3_2_00514B82 |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: ??2@YAPAXI@Z,GetAdaptersInfo,??3@YAXPAX@Z,??2@YAPAXI@Z,GetAdaptersInfo,??3@YAXPAX@Z, | 3_2_00514AAC |
Source: C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE TID: 3440 | Thread sleep time: -60000s >= -60000s |
Source: C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE TID: 3440 | Thread sleep time: -60000s >= -60000s |
Source: C:\Windows\explorer.exe TID: 3540 | Thread sleep time: -180000s >= -60000s |
Source: C:\Program Files\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE TID: 3536 | Thread sleep time: -60000s >= -60000s |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F2FA1 ??2@YAPAXI@Z,memset,GetAdaptersInfo,??3@YAXPAX@Z,??2@YAPAXI@Z,GetAdaptersInfo,memset,___swprintf_l,??3@YAXPAX@Z,strstr,strstr,strstr,strstr,strstr,strstr,strstr, | 3_2_004F2FA1 |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F2FA1 ??2@YAPAXI@Z,memset,GetAdaptersInfo,??3@YAXPAX@Z,??2@YAPAXI@Z,GetAdaptersInfo,memset,___swprintf_l,??3@YAXPAX@Z,strstr,strstr,strstr,strstr,strstr,strstr,strstr, | 3_2_004F2FA1 |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F2FA1 ??2@YAPAXI@Z,memset,GetAdaptersInfo,??3@YAXPAX@Z,??2@YAPAXI@Z,GetAdaptersInfo,memset,___swprintf_l,??3@YAXPAX@Z,strstr,strstr,strstr,strstr,strstr,strstr,strstr, | 3_2_004F2FA1 |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F28FC RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey, | 3_2_004F28FC |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F28FC RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey, | 3_2_004F28FC |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F28FC RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey, | 3_2_004F28FC |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F28FC RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey, | 3_2_004F28FC |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F28FC RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey, | 3_2_004F28FC |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F28FC RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey, | 3_2_004F28FC |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F28FC RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey, | 3_2_004F28FC |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F28FC RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey, | 3_2_004F28FC |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F28FC RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey, | 3_2_004F28FC |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F28FC RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey, | 3_2_004F28FC |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Code function: 3_2_004F28FC RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey, | 3_2_004F28FC |
Source: iexplore.exe | Binary or memory string: WINDBG.EXE |
Source: iexplore.exe | Binary or memory string: IRISE.EXE |
Source: iexplore.exe | Binary or memory string: SANDBOXIERPCSS.EXE |
Source: iexplore.exe | Binary or memory string: WIRESHARK.EXE |
Source: iexplore.exe | Binary or memory string: IRISSVC.EXE |
Source: iexplore.exe | Binary or memory string: ZXSNIFFER.EXE |
Source: iexplore.exe | Binary or memory string: PEBROWSEDBG.EXE |
Source: iexplore.exe | Binary or memory string: SYSER.EXE |
Source: iexplore.exe | Binary or memory string: OLLYDBG.EXE |
Source: iexplore.exe | Binary or memory string: SANDBOXIEDCOMLAUNCH.EXE |
Source: iexplore.exe | Binary or memory string: REGSHOT.EXE |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\explorer.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\explorer.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\explorer.exe | Process information set: NOOPENFILEERRORBOX |