Heavily Obfuscated JAR Drops Adwind RAT

Monitored Processes

Process Overview

ID	PID	Monitor Reason	Integrity Level	Image Name	Command Line	Origin ID
#1	0xcc0	Analysis Target	Medium	java.exe	"C:\Program Files\Java\jre7\bin\java.exe" -jar "C:\Users\2XC7U6~1\Desktop\Bissell New PO.qrypted.jar"	-
#2	0xd18	Child Process	Medium	java.exe	"C:\Program Files\Java\jre7\bin\java.exe" -jar C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class	#1
#3	0xd64	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs	#1
#4	0xd78	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs	#3
#6	0xdb4	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs	#2
#7	0xdc8	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs	#6
#10	0xdf8	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs	#1
#11	0xe0c	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs	#10
#12	0xe1c	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs	#2
#13	0xe48	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs	#12
#14	0xe58	Child Process	Medium	xcopy.exe	xcopy "C:\Program Files\Java\jre7" "C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\" /e	#1
#15	0xe88	Child Process	Medium	xcopy.exe	xcopy "C:\Program Files\Java\jre7" "C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\" /e	#2
#16	0xf40	Child Process	Medium	reg.exe	reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v NTMGCGGUKus /t REG_EXPAND_SZ /d "\"C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe\" -jar \"C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm\"" /f	#1
#17	0xf48	Child Process	Medium	attrib.exe	attrib +h "C:\Users\2XC7u663GxWc\cqsFQOTqbmg\."	#1
#18	0xf50	Child Process	Medium	attrib.exe	attrib +h "C:\Users\2XC7u663GxWc\cqsFQOTqbmg"	#1
#19	0xf58	Child Process	Medium	javaw.exe	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe -jar C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm	#1
#20	0xfb8	Child Process	Medium	java.exe	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.exe -jar C:\Users\2XC7U6~1\AppData\Local\Temp\_0.080316539076114361006181509658991106.class	#19
#21	0x110	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs	#19
#22	0x114	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs	#21
#23	0x400	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs	#20
#24	0x130	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs	#23
#25	0x754	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs	#19
#26	0x588	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs	#20
#27	0x924	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs	#26
#28	0x904	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs	#25
#30	0x35c	Autostart	Medium	javaw.exe	"C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe" -jar "C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm"	-
#31	0x290	Child Process	Medium	java.exe	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.exe -jar C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class	#30
#32	0x558	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs	#30
#33	0x7a4	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs	#32
#35	0x42c	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs	#30
#36	0x174	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs	#35
#37	0x7a0	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs	#31
#38	0x718	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs	#37
#39	0x624	Child Process	Medium	cmd.exe	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs	#31
#40	0x640	Child Process	Medium	cscript.exe	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs	#39

Behavior Information - Sequential View

Process #1: java.exe

7815

Information	Value
ID	#1
File Name	c:\program files\java\jre7\bin\java.exe
Command Line	"C:\Program Files\Java\jre7\bin\java.exe" -jar "C:\Users\2XC7U6~1\Desktop\Bissell New PO.qrypted.jar"
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:11, Reason: Analysis Target
Unmonitor	End Time: 00:00:59, Reason: Self Terminated
Monitor Duration	00:00:48

OS Process Information

Information	Value
PID	0xcc0
Parent PID	0x3ac (c:\windows\explorer.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x CC4 0x CE0 0x CE8 0x CEC 0x CF0 0x CFC 0x CF4 0x CF8 0x D00 0x D04 0x D08 0x D40 0x D44 0x D48 0x D60 0x EAC 0x F60 0x F74

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00042fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
private_0x00000000000c0000	0x000c0000	0x000c0fff	Private Memory	-	-	-
private_0x00000000000d0000	0x000d0000	0x000d0fff	Private Memory	-	-	-
pagefile_0x00000000000e0000	0x000e0000	0x000e0fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000f0000	0x000f0000	0x000f1fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000100000	0x00100000	0x00106fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000110000	0x00110000	0x00111fff	Pagefile Backed Memory	-	-	-
private_0x0000000000120000	0x00120000	0x00120fff	Private Memory	-	-	-
private_0x0000000000130000	0x00130000	0x00130fff	Private Memory	-	-	-
3264	0x00140000	0x0014ffff	Memory Mapped File	-	-	-
private_0x0000000000150000	0x00150000	0x0015ffff	Private Memory	-	-	-
private_0x0000000000160000	0x00160000	0x0016ffff	Private Memory	-	-	-
private_0x0000000000170000	0x00170000	0x001bffff	Private Memory	-	-	-
pagefile_0x00000000001c0000	0x001c0000	0x00287fff	Pagefile Backed Memory	-	-	-
private_0x0000000000290000	0x00290000	0x002bffff	Private Memory	-	-	-
private_0x00000000002c0000	0x002c0000	0x002cffff	Private Memory	-	-	-
rsaenh.dll	0x002d0000	0x0030bfff	Memory Mapped File	-	-	-
pagefile_0x00000000002d0000	0x002d0000	0x002d0fff	Pagefile Backed Memory	-	-	-
java.exe	0x00310000	0x0033efff	Memory Mapped File	-	-	-
pagefile_0x0000000000340000	0x00340000	0x00440fff	Pagefile Backed Memory	-	-	-
private_0x0000000000450000	0x00450000	0x004cffff	Private Memory	-	-	-
private_0x00000000004f0000	0x004f0000	0x005effff	Private Memory	-	-	-
pagefile_0x00000000005f0000	0x005f0000	0x011effff	Pagefile Backed Memory	-	-	-
private_0x00000000011f0000	0x011f0000	0x012effff	Private Memory	-	-	-
private_0x0000000001340000	0x01340000	0x0134ffff	Private Memory	-	-	-
pagefile_0x0000000001350000	0x01350000	0x01742fff	Pagefile Backed Memory	-	-	-
private_0x0000000001750000	0x01750000	0x0184ffff	Private Memory	-	-	-
private_0x0000000001850000	0x01850000	0x018affff	Private Memory	-	-	-
private_0x00000000018b0000	0x018b0000	0x018fffff	Private Memory	-	-	-
private_0x0000000001910000	0x01910000	0x0191ffff	Private Memory	-	-	-
private_0x0000000001920000	0x01920000	0x0391ffff	Private Memory	-	-	-
private_0x0000000003920000	0x03920000	0x039cffff	Private Memory	-	-	-
private_0x00000000039d0000	0x039d0000	0x03a1ffff	Private Memory	-	-	-
private_0x0000000003a30000	0x03a30000	0x03a7ffff	Private Memory	-	-	-
private_0x0000000003ab0000	0x03ab0000	0x03afffff	Private Memory	-	-	-
private_0x0000000003b00000	0x03b00000	0x03b4ffff	Private Memory	-	-	-
private_0x0000000003b90000	0x03b90000	0x03bdffff	Private Memory	-	-	-
private_0x0000000003be0000	0x03be0000	0x03d92fff	Private Memory	-	-	-
private_0x0000000003c20000	0x03c20000	0x03c6ffff	Private Memory	-	-	-
private_0x0000000003c70000	0x03c70000	0x03d4ffff	Private Memory	-	-	-
private_0x0000000003c90000	0x03c90000	0x03cdffff	Private Memory	-	-	-
private_0x0000000003d10000	0x03d10000	0x03d4ffff	Private Memory	-	-	-
private_0x0000000003d70000	0x03d70000	0x03dbffff	Private Memory	-	-	-
private_0x0000000003dc0000	0x03dc0000	0x03e0ffff	Private Memory	-	-	-
private_0x0000000003e60000	0x03e60000	0x03eaffff	Private Memory	-	-	-
private_0x0000000003eb0000	0x03eb0000	0x040affff	Private Memory	-	-	-
sortdefault.nls	0x040b0000	0x0437efff	Memory Mapped File	-	-	-
private_0x0000000004380000	0x04380000	0x044fffff	Private Memory	-	-	-
private_0x0000000004380000	0x04380000	0x0449ffff	Private Memory	-	-	-
private_0x0000000004380000	0x04380000	0x0447ffff	Private Memory	-	-	-
kernelbase.dll.mui	0x04380000	0x0443ffff	Memory Mapped File	-	-	-
private_0x0000000004440000	0x04440000	0x0447ffff	Private Memory	-	-	-
private_0x0000000004490000	0x04490000	0x0449ffff	Private Memory	-	-	-
private_0x00000000044f0000	0x044f0000	0x044fffff	Private Memory	-	-	-
private_0x0000000004500000	0x04500000	0x0464ffff	Private Memory	-	-	-
private_0x0000000004500000	0x04500000	0x045fffff	Private Memory	-	-	-
private_0x0000000004610000	0x04610000	0x0464ffff	Private Memory	-	-	-
private_0x0000000004650000	0x04650000	0x04a4ffff	Private Memory	-	-	-
private_0x0000000004a50000	0x04a50000	0x0524ffff	Private Memory	-	-	-
private_0x00000000052a0000	0x052a0000	0x052effff	Private Memory	-	-	-
rpcss.dll	0x052f0000	0x0534bfff	Memory Mapped File	-	-	-
private_0x00000000053b0000	0x053b0000	0x053fffff	Private Memory	-	-	-
private_0x0000000005400000	0x05400000	0x055fffff	Private Memory	-	-	-
pagefile_0x0000000005400000	0x05400000	0x054defff	Pagefile Backed Memory	-	-	-
private_0x00000000055c0000	0x055c0000	0x055fffff	Private Memory	-	-	-
private_0x00000000236d0000	0x236d0000	0x28c1ffff	Private Memory	-	-	-
private_0x0000000028c20000	0x28c20000	0x336cffff	Private Memory	-	-	-
private_0x00000000336d0000	0x336d0000	0x376cffff	Private Memory	-	-	-
classes.jsa	0x376d0000	0x37b0ffff	Memory Mapped File	-	-	-
private_0x0000000037b10000	0x37b10000	0x380cffff	Private Memory	-	-	-
classes.jsa	0x380d0000	0x3871ffff	Memory Mapped File	-	-	-
private_0x0000000038720000	0x38720000	0x38ccffff	Private Memory	-	-	-
classes.jsa	0x38cd0000	0x38f3ffff	Memory Mapped File	-	-	-
private_0x0000000038f40000	0x38f40000	0x390cffff	Private Memory	-	-	-
private_0x00000000390d0000	0x390d0000	0x390dffff	Private Memory	-	-	-
private_0x00000000390e0000	0x390e0000	0x394cffff	Private Memory	-	-	-
jvm.dll	0x6b030000	0x6b3affff	Memory Mapped File	-	-	-
awt.dll	0x6d120000	0x6d262fff	Memory Mapped File	-	-	-
winmm.dll	0x70250000	0x70281fff	Memory Mapped File	-	-	-
pnrpnsp.dll	0x71760000	0x71771fff	Memory Mapped File	-	-	-
winrnr.dll	0x71780000	0x71787fff	Memory Mapped File	-	-	-
napinsp.dll	0x717a0000	0x717affff	Memory Mapped File	-	-	-
rasadhlp.dll	0x717b0000	0x717b5fff	Memory Mapped File	-	-	-
nio.dll	0x71fe0000	0x71feefff	Memory Mapped File	-	-	-
msvcr100.dll	0x71ff0000	0x720aefff	Memory Mapped File	-	-	-
net.dll	0x72110000	0x72123fff	Memory Mapped File	-	-	-
sunec.dll	0x72130000	0x7214ffff	Memory Mapped File	-	-	-
zip.dll	0x72150000	0x72162fff	Memory Mapped File	-	-	-
java.dll	0x72170000	0x7218ffff	Memory Mapped File	-	-	-
verify.dll	0x72190000	0x7219bfff	Memory Mapped File	-	-	-
dwmapi.dll	0x731f0000	0x73202fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
fwpuclnt.dll	0x737d0000	0x73807fff	Memory Mapped File	-	-	-
winnsi.dll	0x738e0000	0x738e6fff	Memory Mapped File	-	-	-
iphlpapi.dll	0x738f0000	0x7390bfff	Memory Mapped File	-	-	-
nlaapi.dll	0x73a60000	0x73a6ffff	Memory Mapped File	-	-	-
comctl32.dll	0x73ee0000	0x7407dfff	Memory Mapped File	-	-	-
wsock32.dll	0x740b0000	0x740b6fff	Memory Mapped File	-	-	-
wshtcpip.dll	0x744e0000	0x744e4fff	Memory Mapped File	-	-	-
userenv.dll	0x745b0000	0x745c6fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
dnsapi.dll	0x74850000	0x74893fff	Memory Mapped File	-	-	-
wship6.dll	0x74980000	0x74985fff	Memory Mapped File	-	-	-
mswsock.dll	0x74990000	0x749cbfff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
profapi.dll	0x74f00000	0x74f0afff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
shell32.dll	0x75700000	0x76349fff	Memory Mapped File	-	-	-
psapi.dll	0x76350000	0x76354fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
private_0x000000007ffae000	0x7ffae000	0x7ffaefff	Private Memory	-	-	-
private_0x000000007ffaf000	0x7ffaf000	0x7ffaffff	Private Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd3000	0x7ffd3000	0x7ffd3fff	Private Memory	-	-	-
private_0x000000007ffd4000	0x7ffd4000	0x7ffd4fff	Private Memory	-	-	-
private_0x000000007ffd5000	0x7ffd5000	0x7ffd5fff	Private Memory	-	-	-
private_0x000000007ffd6000	0x7ffd6000	0x7ffd6fff	Private Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-
For performance reasons, the remaining 10 entries are omitted. The remaining entries can be found in flog.txt.

Created Files

Filename	File Size	Hash Values	Actions
C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class	241.30 KB	MD5: 781fb531354d6f291f1ccab48da6d39f SHA1: 9ce4518ebcb5be6d1f0b5477fa00c26860fe9a68 SHA256: 97d585b6aff62fb4e43e7e6a5f816dcd7a14be11a88b109a9ba9e8cd4c456eb9 SSDeep: 6144:WI5pxUZ7Gvi8ulm+yV/rIF0/MO2qnan1J7pXESN6U:J5pxAGqNkrIq/MO2qnA	... File Actions Show Properties Download
C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs	0.27 KB	MD5: 3bdfd33017806b85949b6faa7d4b98e4 SHA1: f92844fee69ef98db6e68931adfaa9a0a0f8ce66 SHA256: 9da575dd2d5b7c1e9bab8b51a16cde457b3371c6dcdb0537356cf1497fa868f6 SSDeep: 6:jpxiFtqvAAT+geD5NaqZxLMTrLavbx3laDH6djsyn:vmtqvAndZFcrG9lpjsyn	... File Actions Show Properties Download
C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs	0.27 KB	MD5: a32c109297ed1ca155598cd295c26611 SHA1: dc4a1fdbaad15ddd6fe22d3907c6b03727b71510 SHA256: 45bfe34aa3ef932f75101246eb53d032f5e7cf6d1f5b4e495334955a255f32e7 SSDeep: 6:jpxiFtqvAAT+geD5NaqZxLMTQQQavbx3la2Zp6djsyn:vmtqvAndZFcQU9lrXyjsyn	... File Actions Show Properties Download
C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar	621.19 KB	MD5: df6fc309f66b3cdb33a8fd183343a610 SHA1: be9e3ae27e19694034f0f7ae81b162befd61689c SHA256: fd86a9b0f3bcd1dc2b061bb7a77b3871cb6d101505218f763221ee9945e69bf3 SSDeep: 12288:uaVkKWNQXHKobX++/y8rzRZ+otjI+qc+gMNYCEgYjsGGjOXbwlQoMxEVuXLN:5zFfX+Irr+ISc+gh/gY5wla/LN	... File Actions Show Properties Download
C:\Users\2XC7u663GxWc\cqsFQOTqbmg\ID.txt	0.05 KB	MD5: 9b201b1dd02cb80825eeb818b96627f3 SHA1: 2bd36111bde69244396c5fb8539c89b714b2e6a5 SHA256: d56585c6039877175e2ebe7a32e04e7c98e947f55839e8cf0e3abc6d06ebb790 SSDeep: 3:YwwAHMaHM3+bIx74Re:YwwAHfHIxsRe	... File Actions Show Properties Download

Threads

Thread 0xce0

3930

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\program files\java\jre7\bin\client\jvm.dll, base_address = 0x6b030000	1	Fn
Module	Get Address	module_name = c:\program files\java\jre7\bin\client\jvm.dll, function = JVM_GetVersionInfo, address_out = 0x6b11d980	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = GetNativeSystemInfo, address_out = 0x7557be77	1	Fn
System	Get Info	type = Hardware Information	2	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, value_name = Desktop, data = C:\Users\2XC7u663GxWc\Desktop, type = REG_SZ	1	Fn
Module	Get Handle	module_name = c:\program files\java\jre7\bin\client\jvm.dll, base_address = 0x6b030000	1	Fn
Module	Get Filename	module_name = c:\program files\java\jre7\bin\client\jvm.dll, process_name = c:\program files\java\jre7\bin\java.exe, file_name_orig = C:\Program Files\Java\jre7\bin\client\jvm.dll, size = 260	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\rt.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7, size_out = 7	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1781193, size_out = 1781193	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 709, size_out = 709	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 277, size_out = 277	1	Fn Data
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Open	filename = STD_ERROR_HANDLE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2305, size_out = 2305	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1022, size_out = 1022	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2882, size_out = 2882	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 104, size_out = 104	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 728, size_out = 728	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 345, size_out = 345	1	Fn Data
System	Get Info	type = Operating System	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000, flags = GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = GetFinalPathNameByHandleW, address_out = 0x75574e2a	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 815, size_out = 815	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\bin\zip.dll, type = file_attributes	3	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1105, size_out = 1105	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1761, size_out = 1761	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 514, size_out = 514	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 970, size_out = 970	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2589, size_out = 2589	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1008, size_out = 1008	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2004, size_out = 2004	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext, type = file_attributes	2	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 669, size_out = 669	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, size = 8192, size_out = 829	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = file_type	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = size, size_out = 829	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 962, size_out = 962	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 934, size_out = 934	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1720, size_out = 1720	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1012, size_out = 1012	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3028, size_out = 3028	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1111, size_out = 1111	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2976, size_out = 2976	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 672, size_out = 672	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1189, size_out = 1189	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2646, size_out = 2646	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, size = 8192, size_out = 0	1	Fn
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext\meta-index, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\access-bridge.jar, type = file_attributes	3	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 966, size_out = 966	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 800, size_out = 800	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\dnsns.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\jaccess.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\localedata.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunpkcs11.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\zipfs.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext, type = file_attributes	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1280, size_out = 1280	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 609, size_out = 609	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 628, size_out = 628	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 328, size_out = 328	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 327, size_out = 327	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, type = file_attributes	3	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\management\usagetracker.properties, type = file_attributes	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 12212, size_out = 12212	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 748, size_out = 748	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6630, size_out = 6630	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3392, size_out = 3392	1	Fn Data
File	Create	filename = C:\Users\2XC7U6~1\Desktop\Bissell New PO.qrypted.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\Desktop\Bissell New PO.qrypted.jar, type = time	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\Desktop\Bissell New PO.qrypted.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\Desktop\Bissell New PO.qrypted.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\Desktop\Bissell New PO.qrypted.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\Desktop\Bissell New PO.qrypted.jar, size = 30105, size_out = 30105	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2563, size_out = 2563	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 476, size_out = 476	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2703, size_out = 2703	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 753, size_out = 753	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3690, size_out = 3690	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3361, size_out = 3361	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3599, size_out = 3599	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 260, size_out = 260	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1899, size_out = 1899	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 678, size_out = 678	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\Desktop\Bissell New PO.qrypted.jar, size = 100, size_out = 100	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1909, size_out = 1909	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 670, size_out = 670	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 762, size_out = 762	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1016, size_out = 1016	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1133, size_out = 1133	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 921, size_out = 921	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1133, size_out = 1133	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\access-bridge.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\dnsns.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\jaccess.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\localedata.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunpkcs11.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\zipfs.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30105, size_out = 30105	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 100, size_out = 100	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 100, size_out = 100	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 391, size_out = 391	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, type = file_attributes	2	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 452, size_out = 452	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 536, size_out = 536	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 521, size_out = 521	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 491, size_out = 491	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 506, size_out = 506	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 515, size_out = 515	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 361, size_out = 361	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 331, size_out = 331	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 675, size_out = 675	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 451, size_out = 451	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 355, size_out = 355	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 299, size_out = 299	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 474, size_out = 474	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 655, size_out = 655	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 303, size_out = 303	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 335, size_out = 335	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 418, size_out = 418	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 430, size_out = 430	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 453, size_out = 453	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 555, size_out = 555	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 408, size_out = 408	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 477, size_out = 477	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 562, size_out = 562	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 394, size_out = 394	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 477, size_out = 477	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 462, size_out = 462	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 371, size_out = 371	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 231, size_out = 231	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 496, size_out = 496	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 691, size_out = 691	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 509, size_out = 509	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 580, size_out = 580	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 391, size_out = 391	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 496, size_out = 496	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 348, size_out = 348	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 331, size_out = 331	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 802, size_out = 802	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1127, size_out = 1127	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\meta-index, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib, type = file_attributes	2	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\meta-index, size = 8192, size_out = 2190	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\meta-index, type = file_type	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\meta-index, type = size, size_out = 2190	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\meta-index, size = 8192, size_out = 0	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\classes, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\meta-index, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes	3	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\classes, type = file_attributes	2	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\classes, type = file_attributes	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 329, size_out = 329	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 383, size_out = 383	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, type = time	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 332, size_out = 332	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 348, size_out = 348	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 461, size_out = 461	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 570, size_out = 570	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 5504, size_out = 5504	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 582, size_out = 582	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 535, size_out = 535	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 678, size_out = 678	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 315, size_out = 315	1	Fn Data
File	Create	filename = C:\Program Files\Java\jre7\lib\jce.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 6708, size_out = 6708	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4096, size_out = 4096	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 1693, size_out = 1693	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 1351, size_out = 1351	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1358, size_out = 1358	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\java.security, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\security\java.security, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\security\java.security, size = 8192, size_out = 8192	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\java.security, size = 8192, size_out = 1440	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\java.security, type = file_type	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\java.security, type = size, size_out = 17824	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\security\java.security, size = 8192, size_out = 0	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2345, size_out = 2345	1	Fn Data
File	Create	filename = C:\Program Files\Java\jre7\lib\jsse.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 7, size_out = 7	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 13694, size_out = 13694	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1056, size_out = 1056	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3940, size_out = 3940	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5672, size_out = 5672	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 844, size_out = 844	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1453, size_out = 1453	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 803, size_out = 803	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2601, size_out = 2601	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = time	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1240, size_out = 1240	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 590, size_out = 590	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 525, size_out = 525	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2666, size_out = 2666	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 314, size_out = 314	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 951, size_out = 951	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 10594, size_out = 10594	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3882, size_out = 3882	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3549, size_out = 3549	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1381, size_out = 1381	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8211, size_out = 8211	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1075, size_out = 1075	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3695, size_out = 3695	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2117, size_out = 2117	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 346, size_out = 346	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 576, size_out = 576	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 24203, size_out = 24203	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 13092, size_out = 13092	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 623, size_out = 623	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3174, size_out = 3174	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2257, size_out = 2257	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1621, size_out = 1621	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2563, size_out = 2563	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2395, size_out = 2395	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 14258, size_out = 14258	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 853, size_out = 853	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 967, size_out = 967	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3914, size_out = 3914	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5828, size_out = 5828	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 12814, size_out = 12814	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4077, size_out = 4077	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2399, size_out = 2399	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2181, size_out = 2181	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 308, size_out = 308	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 381, size_out = 381	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 78, size_out = 78	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4556, size_out = 4556	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6732, size_out = 6732	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 732, size_out = 732	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 454, size_out = 454	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 457, size_out = 457	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 973, size_out = 973	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 310, size_out = 310	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2812, size_out = 2812	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 278, size_out = 278	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 131, size_out = 131	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3431, size_out = 3431	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 382, size_out = 382	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 281, size_out = 281	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5929, size_out = 5929	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6713, size_out = 6713	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3217, size_out = 3217	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 265, size_out = 265	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6705, size_out = 6705	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3395, size_out = 3395	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1337, size_out = 1337	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5120, size_out = 5120	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 374, size_out = 374	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1663, size_out = 1663	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4945, size_out = 4945	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2801, size_out = 2801	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2263, size_out = 2263	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4843, size_out = 4843	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2266, size_out = 2266	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3589, size_out = 3589	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3217, size_out = 3217	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2498, size_out = 2498	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2363, size_out = 2363	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 631, size_out = 631	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 866, size_out = 866	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 282, size_out = 282	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3850, size_out = 3850	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 591, size_out = 591	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 907, size_out = 907	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3908, size_out = 3908	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8490, size_out = 8490	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 444, size_out = 444	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1731, size_out = 1731	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4645, size_out = 4645	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 11624, size_out = 11624	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 915, size_out = 915	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 687, size_out = 687	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 11725, size_out = 11725	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1715, size_out = 1715	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1952, size_out = 1952	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1957, size_out = 1957	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1960, size_out = 1960	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1966, size_out = 1966	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 441, size_out = 441	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 723, size_out = 723	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3045, size_out = 3045	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2242, size_out = 2242	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 387, size_out = 387	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6064, size_out = 6064	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1369, size_out = 1369	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4032, size_out = 4032	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6002, size_out = 6002	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6001, size_out = 6001	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2439, size_out = 2439	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 144, size_out = 144	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1559, size_out = 1559	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 499, size_out = 499	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 734, size_out = 734	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 390, size_out = 390	1	Fn Data
File	Get Info	filename = C:\Program%20Files\Java\jre7\lib\ext\x86\sunec.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program%20Files\Java\jre7\lib\ext\sunec.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\bin\sunec.dll, type = file_attributes	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1434, size_out = 1434	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 454, size_out = 454	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 5439, size_out = 5439	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 619, size_out = 619	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = time	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 10470, size_out = 10470	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3596, size_out = 3596	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3529, size_out = 3529	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 735, size_out = 735	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4170, size_out = 4170	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 817, size_out = 817	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 331, size_out = 331	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2357, size_out = 2357	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 187, size_out = 187	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3665, size_out = 3665	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 3856, size_out = 3856	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 333, size_out = 333	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\rt.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\rt.jar, type = time	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\jce.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jce.jar, type = time	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, type = file_attributes	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 2915, size_out = 2915	1	Fn Data
File	Create	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, type = time	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 328, size_out = 328	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 350, size_out = 350	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 160, size_out = 160	3	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 213, size_out = 213	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 1319, size_out = 1319	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 151, size_out = 151	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 92, size_out = 92	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4096, size_out = 4096	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 47, size_out = 47	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 115, size_out = 115	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 502, size_out = 502	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 807, size_out = 807	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 530, size_out = 530	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 1987, size_out = 1987	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 706, size_out = 706	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4096, size_out = 4096	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 3777, size_out = 3777	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 3082, size_out = 3082	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4270, size_out = 4270	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8559, size_out = 8559	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6031, size_out = 6031	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\bin\net.dll, type = file_attributes	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 671, size_out = 671	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1961, size_out = 1961	1	Fn Data
DNS	Get Hostname	name_out = ZgW5tdPu	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3287, size_out = 3287	1	Fn Data
DNS	Resolve Name	host = ZgW5tdPu, address_out = fe80:0000:0000:0000:5969:84a4:f9e2:1f2b, 192.168.0.60	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp, type = file_attributes	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 383, size_out = 383	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3661, size_out = 3661	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 292, size_out = 292	1	Fn Data
File	Create	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, type = time	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 389, size_out = 389	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 411, size_out = 411	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 194, size_out = 194	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 242, size_out = 242	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 1318, size_out = 1318	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 153, size_out = 153	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 209, size_out = 209	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 883, size_out = 883	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 994, size_out = 994	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 780, size_out = 780	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 206, size_out = 206	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 533, size_out = 533	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 775, size_out = 775	1	Fn Data
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = time	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 301, size_out = 301	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 8192, size_out = 8192	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3596, size_out = 3596	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3529, size_out = 3529	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3596, size_out = 3596	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3529, size_out = 3529	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
For performance reasons, the remaining 2740 entries are omitted. The remaining entries can be found in glog.xml.

Thread 0xd48

Category	Operation	Information	Count	Logfile
Module	Load	module_name = COMCTL32.dll, base_address = 0x73ee0000	1	Fn
Module	Get Address	module_name = c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll, function = InitCommonControlsEx, address_out = 0x73f009ce	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = LoadIconW, address_out = 0x76b4f142	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = RegisterClassW, address_out = 0x76b4ed4a	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = GetDC, address_out = 0x76b5544c	1	Fn
Module	Load	module_name = GDI32.dll, base_address = 0x754f0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\gdi32.dll, function = GetDeviceCaps, address_out = 0x754f6f7f	2	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = ReleaseDC, address_out = 0x76b55421	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = CreateWindowExW, address_out = 0x76b4ec7c	1	Fn
Window	Create	window_name = theAwtToolkitWindow, class_name = SunAwtToolkit, wndproc_parameter = 0	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = DefWindowProcW, address_out = 0x76b5507d	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = SetWindowsHookExW, address_out = 0x76b4e30c	1	Fn
System	Register Hook	type = WH_GETMESSAGE, hookproc_address = 0x6d1b1da0	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = OleInitialize, address_out = 0x7637efd7	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 569, size_out = 569	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 333, size_out = 333	1	Fn Data
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = WaitMessage, address_out = 0x76b566bd	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PeekMessageW, address_out = 0x76b5634a	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = EnumThreadWindows, address_out = 0x76b4b712	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PostMessageW, address_out = 0x76b5447b	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = CallNextHookEx, address_out = 0x76b4abe1	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PostQuitMessage, address_out = 0x76b4b308	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = OleUninitialize, address_out = 0x7637eba1	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = GetMessageW, address_out = 0x76b5cde8	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = IsWindow, address_out = 0x76b553ba	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = DestroyWindow, address_out = 0x76b4b2f4	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = UnregisterClassW, address_out = 0x76b4b9ae	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = UnhookWindowsHookEx, address_out = 0x76b4adf9	1	Fn

Thread 0xd60

3849

Category	Operation	Information	Count	Logfile
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 706, size_out = 706	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\Desktop\Bissell New PO.qrypted.jar, size = 3, size_out = 3	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 448, size_out = 448	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4013, size_out = 4013	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1566, size_out = 1566	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 402, size_out = 402	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1366, size_out = 1366	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 9311, size_out = 9311	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3572, size_out = 3572	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1619, size_out = 1619	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2404, size_out = 2404	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3013, size_out = 3013	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1708, size_out = 1708	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2879, size_out = 2879	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1285, size_out = 1285	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1398, size_out = 1398	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1090, size_out = 1090	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3789, size_out = 3789	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 436, size_out = 436	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 792, size_out = 792	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 384, size_out = 384	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 78, size_out = 78	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1217, size_out = 1217	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 480, size_out = 480	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 622, size_out = 622	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 76, size_out = 76	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 527, size_out = 527	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 4051, size_out = 4051	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 7991, size_out = 7991	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 704, size_out = 704	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8401, size_out = 8401	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2096, size_out = 2096	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2691, size_out = 2691	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1111, size_out = 1111	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Write	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, size = 276	1	Fn Data
System	Get Info	type = Operating System	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, os_pid = 0xd64, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Read	size = 8192, size_out = 108	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
Process	Terminate	exit_code = 1	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Write	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 281	1	Fn Data
System	Get Info	type = Operating System	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, os_pid = 0xdf8, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, size = 8192, size_out = 108	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, size = 8192, size_out = 0	1	Fn
Process	Terminate	exit_code = 1	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, type = file_attributes	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = xcopy "C:\Program Files\Java\jre7" "C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\" /e, os_pid = 0xe58, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 38	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 36	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 39	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 36	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 63	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 56	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 47	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 48	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 42	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 51	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 42	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 47	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 44	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 53	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 44	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 48	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 47	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 42	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 50	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 53	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 44	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 48	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 127	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 44	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 44	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 42	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 42	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 44	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 44	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 47	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 47	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 48	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 44	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 47	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 48	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 47	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 49	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 42	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 49	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 56	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 51	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 47	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 50	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 57	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 59	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 53	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 50	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 57	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 53	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 42	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 57	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 53	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 47	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 58	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 50	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 42	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 41	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 51	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 53	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 47	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 53	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 53	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 39	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 49	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 43	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 44	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 50	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 44	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 44	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 51	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 59	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 62	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 62	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 62	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 62	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 62	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 62	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 65	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 62	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 65	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 65	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 65	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 50	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 52	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 66	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 54	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 48	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 51	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 47	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 56	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 50	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 50	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 46	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 63	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 65	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 61	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 62	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 61	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 60	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 63	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 66	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 45	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 66	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 64	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 71	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 8192, size_out = 73	1	Fn Data
For performance reasons, the remaining 2845 entries are omitted. The remaining entries can be found in glog.xml.

Thread 0xf60

Category	Operation	Information	Success	Count	Logfile
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = SendMessageW, address_out = 0x76b55539		1	Fn

Process #2: java.exe

2884

Information	Value
ID	#2
File Name	c:\program files\java\jre7\bin\java.exe
Command Line	"C:\Program Files\Java\jre7\bin\java.exe" -jar C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:23, Reason: Child Process
Unmonitor	End Time: 00:01:21, Reason: Self Terminated
Monitor Duration	00:00:58

OS Process Information

Information	Value
PID	0xd18
Parent PID	0xcc0 (c:\program files\java\jre7\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x D1C 0x D30 0x D34 0x D38 0x D3C 0x D54 0x D4C 0x D50 0x D5C 0x D58 0x D80 0x D94 0x D98 0x D9C 0x DAC 0x EA8 0x 4CC 0x 93C 0x 980 0x 97C 0x 718

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00042fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
private_0x00000000000c0000	0x000c0000	0x000c0fff	Private Memory	-	-	-
private_0x00000000000d0000	0x000d0000	0x000d0fff	Private Memory	-	-	-
pagefile_0x00000000000e0000	0x000e0000	0x000e0fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000f0000	0x000f0000	0x000f1fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000100000	0x00100000	0x00106fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000110000	0x00110000	0x00111fff	Pagefile Backed Memory	-	-	-
private_0x0000000000120000	0x00120000	0x00120fff	Private Memory	-	-	-
private_0x0000000000130000	0x00130000	0x00130fff	Private Memory	-	-	-
private_0x0000000000140000	0x00140000	0x0018ffff	Private Memory	-	-	-
pagefile_0x0000000000190000	0x00190000	0x00257fff	Pagefile Backed Memory	-	-	-
3352	0x00260000	0x0026ffff	Memory Mapped File	-	-	-
private_0x0000000000270000	0x00270000	0x002effff	Private Memory	-	-	-
private_0x00000000002f0000	0x002f0000	0x002fffff	Private Memory	-	-	-
private_0x0000000000300000	0x00300000	0x0030ffff	Private Memory	-	-	-
java.exe	0x00310000	0x0033efff	Memory Mapped File	-	-	-
pagefile_0x0000000000340000	0x00340000	0x00440fff	Pagefile Backed Memory	-	-	-
private_0x0000000000450000	0x00450000	0x004affff	Private Memory	-	-	-
private_0x00000000004b0000	0x004b0000	0x005affff	Private Memory	-	-	-
pagefile_0x00000000005b0000	0x005b0000	0x011affff	Pagefile Backed Memory	-	-	-
private_0x00000000011b0000	0x011b0000	0x012affff	Private Memory	-	-	-
private_0x00000000012b0000	0x012b0000	0x0135ffff	Private Memory	-	-	-
private_0x0000000001360000	0x01360000	0x0136ffff	Private Memory	-	-	-
private_0x0000000001370000	0x01370000	0x0137ffff	Private Memory	-	-	-
pagefile_0x0000000001380000	0x01380000	0x01772fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001780000	0x01780000	0x01780fff	Pagefile Backed Memory	-	-	-
private_0x0000000001790000	0x01790000	0x017dffff	Private Memory	-	-	-
private_0x00000000017e0000	0x017e0000	0x018dffff	Private Memory	-	-	-
private_0x00000000018e0000	0x018e0000	0x0190ffff	Private Memory	-	-	-
private_0x0000000001910000	0x01910000	0x0195ffff	Private Memory	-	-	-
private_0x0000000001960000	0x01960000	0x0196ffff	Private Memory	-	-	-
private_0x0000000001970000	0x01970000	0x0396ffff	Private Memory	-	-	-
private_0x00000000039a0000	0x039a0000	0x039effff	Private Memory	-	-	-
private_0x0000000003a00000	0x03a00000	0x03a4ffff	Private Memory	-	-	-
private_0x0000000003a50000	0x03a50000	0x03a8ffff	Private Memory	-	-	-
private_0x0000000003a90000	0x03a90000	0x03adffff	Private Memory	-	-	-
private_0x0000000003b10000	0x03b10000	0x03b5ffff	Private Memory	-	-	-
private_0x0000000003b90000	0x03b90000	0x03bdffff	Private Memory	-	-	-
rsaenh.dll	0x03be0000	0x03c1bfff	Memory Mapped File	-	-	-
private_0x0000000003be0000	0x03be0000	0x03c2ffff	Private Memory	-	-	-
private_0x0000000003bf0000	0x03bf0000	0x03c3ffff	Private Memory	-	-	-
private_0x0000000003c40000	0x03c40000	0x03c8ffff	Private Memory	-	-	-
private_0x0000000003c90000	0x03c90000	0x03e42fff	Private Memory	-	-	-
private_0x0000000003c90000	0x03c90000	0x03d6ffff	Private Memory	-	-	-
private_0x0000000003c90000	0x03c90000	0x03d0ffff	Private Memory	-	-	-
private_0x0000000003d10000	0x03d10000	0x03d5ffff	Private Memory	-	-	-
private_0x0000000003d60000	0x03d60000	0x03d6ffff	Private Memory	-	-	-
private_0x0000000003d70000	0x03d70000	0x03e2ffff	Private Memory	-	-	-
rpcss.dll	0x03d70000	0x03dcbfff	Memory Mapped File	-	-	-
private_0x0000000003d70000	0x03d70000	0x03dbffff	Private Memory	-	-	-
private_0x0000000003df0000	0x03df0000	0x03e2ffff	Private Memory	-	-	-
private_0x0000000003e30000	0x03e30000	0x03e7ffff	Private Memory	-	-	-
private_0x0000000003e80000	0x03e80000	0x0407ffff	Private Memory	-	-	-
sortdefault.nls	0x04080000	0x0434efff	Memory Mapped File	-	-	-
private_0x0000000004350000	0x04350000	0x0442ffff	Private Memory	-	-	-
kernelbase.dll.mui	0x04350000	0x0440ffff	Memory Mapped File	-	-	-
private_0x0000000004420000	0x04420000	0x0442ffff	Private Memory	-	-	-
private_0x0000000004430000	0x04430000	0x0452ffff	Private Memory	-	-	-
private_0x0000000004590000	0x04590000	0x045dffff	Private Memory	-	-	-
private_0x00000000045f0000	0x045f0000	0x0463ffff	Private Memory	-	-	-
private_0x0000000004680000	0x04680000	0x046cffff	Private Memory	-	-	-
private_0x00000000046d0000	0x046d0000	0x0485ffff	Private Memory	-	-	-
pagefile_0x00000000046d0000	0x046d0000	0x047aefff	Pagefile Backed Memory	-	-	-
private_0x0000000004820000	0x04820000	0x0485ffff	Private Memory	-	-	-
private_0x00000000048b0000	0x048b0000	0x048fffff	Private Memory	-	-	-
private_0x00000000236d0000	0x236d0000	0x28c1ffff	Private Memory	-	-	-
private_0x0000000028c20000	0x28c20000	0x336cffff	Private Memory	-	-	-
private_0x00000000336d0000	0x336d0000	0x376cffff	Private Memory	-	-	-
classes.jsa	0x376d0000	0x37b0ffff	Memory Mapped File	-	-	-
private_0x0000000037b10000	0x37b10000	0x380cffff	Private Memory	-	-	-
classes.jsa	0x380d0000	0x3871ffff	Memory Mapped File	-	-	-
private_0x0000000038720000	0x38720000	0x38ccffff	Private Memory	-	-	-
classes.jsa	0x38cd0000	0x38f3ffff	Memory Mapped File	-	-	-
private_0x0000000038f40000	0x38f40000	0x390cffff	Private Memory	-	-	-
private_0x00000000390d0000	0x390d0000	0x390dffff	Private Memory	-	-	-
private_0x00000000390e0000	0x390e0000	0x394cffff	Private Memory	-	-	-
jvm.dll	0x6b030000	0x6b3affff	Memory Mapped File	-	-	-
awt.dll	0x6d120000	0x6d262fff	Memory Mapped File	-	-	-
winmm.dll	0x70250000	0x70281fff	Memory Mapped File	-	-	-
pnrpnsp.dll	0x71760000	0x71771fff	Memory Mapped File	-	-	-
winrnr.dll	0x71780000	0x71787fff	Memory Mapped File	-	-	-
napinsp.dll	0x717a0000	0x717affff	Memory Mapped File	-	-	-
rasadhlp.dll	0x717b0000	0x717b5fff	Memory Mapped File	-	-	-
nio.dll	0x71fe0000	0x71feefff	Memory Mapped File	-	-	-
msvcr100.dll	0x71ff0000	0x720aefff	Memory Mapped File	-	-	-
net.dll	0x72110000	0x72123fff	Memory Mapped File	-	-	-
sunec.dll	0x72130000	0x7214ffff	Memory Mapped File	-	-	-
zip.dll	0x72150000	0x72162fff	Memory Mapped File	-	-	-
java.dll	0x72170000	0x7218ffff	Memory Mapped File	-	-	-
verify.dll	0x72190000	0x7219bfff	Memory Mapped File	-	-	-
dwmapi.dll	0x731f0000	0x73202fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
fwpuclnt.dll	0x737d0000	0x73807fff	Memory Mapped File	-	-	-
winnsi.dll	0x738e0000	0x738e6fff	Memory Mapped File	-	-	-
iphlpapi.dll	0x738f0000	0x7390bfff	Memory Mapped File	-	-	-
nlaapi.dll	0x73a60000	0x73a6ffff	Memory Mapped File	-	-	-
comctl32.dll	0x73ee0000	0x7407dfff	Memory Mapped File	-	-	-
wsock32.dll	0x740b0000	0x740b6fff	Memory Mapped File	-	-	-
wshtcpip.dll	0x744e0000	0x744e4fff	Memory Mapped File	-	-	-
userenv.dll	0x745b0000	0x745c6fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
dnsapi.dll	0x74850000	0x74893fff	Memory Mapped File	-	-	-
wship6.dll	0x74980000	0x74985fff	Memory Mapped File	-	-	-
mswsock.dll	0x74990000	0x749cbfff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
profapi.dll	0x74f00000	0x74f0afff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
shell32.dll	0x75700000	0x76349fff	Memory Mapped File	-	-	-
psapi.dll	0x76350000	0x76354fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
private_0x000000007ffae000	0x7ffae000	0x7ffaefff	Private Memory	-	-	-
private_0x000000007ffaf000	0x7ffaf000	0x7ffaffff	Private Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd3000	0x7ffd3000	0x7ffd3fff	Private Memory	-	-	-
private_0x000000007ffd4000	0x7ffd4000	0x7ffd4fff	Private Memory	-	-	-
private_0x000000007ffd5000	0x7ffd5000	0x7ffd5fff	Private Memory	-	-	-
private_0x000000007ffd6000	0x7ffd6000	0x7ffd6fff	Private Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-
For performance reasons, the remaining 20 entries are omitted. The remaining entries can be found in flog.txt.

Created Files

Filename	File Size	Hash Values	YARA Match	Actions
C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs	0.27 KB	MD5: 3bdfd33017806b85949b6faa7d4b98e4 SHA1: f92844fee69ef98db6e68931adfaa9a0a0f8ce66 SHA256: 9da575dd2d5b7c1e9bab8b51a16cde457b3371c6dcdb0537356cf1497fa868f6 SSDeep: 6:jpxiFtqvAAT+geD5NaqZxLMTrLavbx3laDH6djsyn:vmtqvAndZFcrG9lpjsyn		... File Actions Show Properties Download
C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs	0.27 KB	MD5: a32c109297ed1ca155598cd295c26611 SHA1: dc4a1fdbaad15ddd6fe22d3907c6b03727b71510 SHA256: 45bfe34aa3ef932f75101246eb53d032f5e7cf6d1f5b4e495334955a255f32e7 SSDeep: 6:jpxiFtqvAAT+geD5NaqZxLMTQQQavbx3la2Zp6djsyn:vmtqvAndZFcQU9lrXyjsyn		... File Actions Show Properties Download

Threads

Thread 0xd30

2610

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\program files\java\jre7\bin\client\jvm.dll, base_address = 0x6b030000	1	Fn
Module	Get Address	module_name = c:\program files\java\jre7\bin\client\jvm.dll, function = JVM_GetVersionInfo, address_out = 0x6b11d980	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = GetNativeSystemInfo, address_out = 0x7557be77	1	Fn
System	Get Info	type = Hardware Information	2	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, value_name = Desktop, data = C:\Users\2XC7u663GxWc\Desktop, type = REG_SZ	1	Fn
Module	Get Handle	module_name = c:\program files\java\jre7\bin\client\jvm.dll, base_address = 0x6b030000	1	Fn
Module	Get Filename	module_name = c:\program files\java\jre7\bin\client\jvm.dll, process_name = c:\program files\java\jre7\bin\java.exe, file_name_orig = C:\Program Files\Java\jre7\bin\client\jvm.dll, size = 260	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\rt.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7, size_out = 7	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1781193, size_out = 1781193	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 709, size_out = 709	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 277, size_out = 277	1	Fn Data
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Open	filename = STD_ERROR_HANDLE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2305, size_out = 2305	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1022, size_out = 1022	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2882, size_out = 2882	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 104, size_out = 104	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 728, size_out = 728	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 345, size_out = 345	1	Fn Data
System	Get Info	type = Operating System	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000, flags = GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = GetFinalPathNameByHandleW, address_out = 0x75574e2a	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 815, size_out = 815	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\bin\zip.dll, type = file_attributes	3	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1105, size_out = 1105	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1761, size_out = 1761	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 514, size_out = 514	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 970, size_out = 970	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2589, size_out = 2589	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1008, size_out = 1008	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2004, size_out = 2004	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext, type = file_attributes	2	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 669, size_out = 669	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, size = 8192, size_out = 829	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = file_type	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = size, size_out = 829	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 962, size_out = 962	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 934, size_out = 934	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1720, size_out = 1720	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1012, size_out = 1012	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3028, size_out = 3028	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1111, size_out = 1111	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2976, size_out = 2976	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 672, size_out = 672	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1189, size_out = 1189	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2646, size_out = 2646	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\meta-index, size = 8192, size_out = 0	1	Fn
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext\meta-index, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\access-bridge.jar, type = file_attributes	3	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 966, size_out = 966	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 800, size_out = 800	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\dnsns.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\jaccess.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\localedata.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunpkcs11.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\zipfs.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext, type = file_attributes	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1280, size_out = 1280	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 609, size_out = 609	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 628, size_out = 628	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 328, size_out = 328	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 327, size_out = 327	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, type = file_attributes	3	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\management\usagetracker.properties, type = file_attributes	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 12212, size_out = 12212	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 748, size_out = 748	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6630, size_out = 6630	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3392, size_out = 3392	1	Fn Data
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, type = time	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 6113, size_out = 6113	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2563, size_out = 2563	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 476, size_out = 476	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2703, size_out = 2703	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 753, size_out = 753	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3690, size_out = 3690	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3361, size_out = 3361	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3599, size_out = 3599	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 260, size_out = 260	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1899, size_out = 1899	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 678, size_out = 678	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 161, size_out = 161	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1909, size_out = 1909	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 670, size_out = 670	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 762, size_out = 762	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1016, size_out = 1016	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1133, size_out = 1133	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 921, size_out = 921	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1133, size_out = 1133	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\access-bridge.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\dnsns.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\jaccess.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\localedata.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunpkcs11.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\zipfs.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 6113, size_out = 6113	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 161, size_out = 161	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 161, size_out = 161	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 263, size_out = 263	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, type = file_attributes	2	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 729, size_out = 729	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 17, size_out = 17	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 243, size_out = 243	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 315, size_out = 315	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 437, size_out = 437	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 439, size_out = 439	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 342, size_out = 342	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 802, size_out = 802	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1127, size_out = 1127	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\meta-index, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib, type = file_attributes	2	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\meta-index, size = 8192, size_out = 2190	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\meta-index, type = file_type	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\meta-index, type = size, size_out = 2190	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\meta-index, size = 8192, size_out = 0	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\classes, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\meta-index, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes	3	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\classes, type = file_attributes	2	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\classes, type = file_attributes	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, type = time	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 1468, size_out = 1468	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1486, size_out = 1486	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 258, size_out = 258	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2351, size_out = 2351	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 877, size_out = 877	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 645, size_out = 645	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6444, size_out = 6444	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1453, size_out = 1453	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 513, size_out = 513	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4556, size_out = 4556	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\java.security, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\security\java.security, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\security\java.security, size = 8192, size_out = 8192	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\java.security, size = 8192, size_out = 1440	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\java.security, type = file_type	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\java.security, type = size, size_out = 17824	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\security\java.security, size = 8192, size_out = 0	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2345, size_out = 2345	1	Fn Data
File	Create	filename = C:\Program Files\Java\jre7\lib\jsse.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 7, size_out = 7	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 13694, size_out = 13694	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1056, size_out = 1056	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3940, size_out = 3940	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5672, size_out = 5672	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 844, size_out = 844	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 803, size_out = 803	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2601, size_out = 2601	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6732, size_out = 6732	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 732, size_out = 732	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 454, size_out = 454	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 78, size_out = 78	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 457, size_out = 457	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 973, size_out = 973	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 308, size_out = 308	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 381, size_out = 381	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 310, size_out = 310	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3431, size_out = 3431	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 382, size_out = 382	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 281, size_out = 281	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 131, size_out = 131	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5929, size_out = 5929	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 405, size_out = 405	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 17, size_out = 17	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 182, size_out = 182	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 258, size_out = 258	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 3, size_out = 3	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 354, size_out = 354	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 3, size_out = 3	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 645, size_out = 645	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 17, size_out = 17	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 380, size_out = 380	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 17, size_out = 17	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 512, size_out = 512	1	Fn Data
File	Create	filename = C:\Program Files\Java\jre7\lib\jce.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 6708, size_out = 6708	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4096, size_out = 4096	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 1693, size_out = 1693	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 1351, size_out = 1351	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1358, size_out = 1358	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = time	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1240, size_out = 1240	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 590, size_out = 590	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 525, size_out = 525	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2666, size_out = 2666	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 314, size_out = 314	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 951, size_out = 951	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 10594, size_out = 10594	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3882, size_out = 3882	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3549, size_out = 3549	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1381, size_out = 1381	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8211, size_out = 8211	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1075, size_out = 1075	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3695, size_out = 3695	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2117, size_out = 2117	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 346, size_out = 346	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 576, size_out = 576	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 24203, size_out = 24203	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 13092, size_out = 13092	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 623, size_out = 623	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3174, size_out = 3174	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2257, size_out = 2257	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1621, size_out = 1621	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2563, size_out = 2563	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2395, size_out = 2395	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 14258, size_out = 14258	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 853, size_out = 853	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 967, size_out = 967	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3914, size_out = 3914	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5828, size_out = 5828	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 12814, size_out = 12814	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4077, size_out = 4077	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2399, size_out = 2399	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2181, size_out = 2181	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2812, size_out = 2812	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 278, size_out = 278	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6713, size_out = 6713	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3217, size_out = 3217	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 265, size_out = 265	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6705, size_out = 6705	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3395, size_out = 3395	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1337, size_out = 1337	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5120, size_out = 5120	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 374, size_out = 374	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1663, size_out = 1663	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4945, size_out = 4945	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2801, size_out = 2801	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2263, size_out = 2263	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4843, size_out = 4843	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2266, size_out = 2266	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3589, size_out = 3589	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3217, size_out = 3217	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2498, size_out = 2498	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2363, size_out = 2363	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 631, size_out = 631	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 866, size_out = 866	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 282, size_out = 282	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3850, size_out = 3850	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 591, size_out = 591	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 907, size_out = 907	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3908, size_out = 3908	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8490, size_out = 8490	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 444, size_out = 444	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1731, size_out = 1731	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4645, size_out = 4645	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 11624, size_out = 11624	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 915, size_out = 915	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 687, size_out = 687	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 11725, size_out = 11725	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1715, size_out = 1715	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1952, size_out = 1952	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1957, size_out = 1957	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1960, size_out = 1960	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1966, size_out = 1966	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 441, size_out = 441	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 723, size_out = 723	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3045, size_out = 3045	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2242, size_out = 2242	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 387, size_out = 387	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6064, size_out = 6064	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1369, size_out = 1369	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4032, size_out = 4032	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6002, size_out = 6002	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6001, size_out = 6001	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2439, size_out = 2439	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 144, size_out = 144	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1559, size_out = 1559	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 499, size_out = 499	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 734, size_out = 734	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 390, size_out = 390	1	Fn Data
File	Get Info	filename = C:\Program%20Files\Java\jre7\lib\ext\x86\sunec.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program%20Files\Java\jre7\lib\ext\sunec.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\bin\sunec.dll, type = file_attributes	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1434, size_out = 1434	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 454, size_out = 454	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 5439, size_out = 5439	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 619, size_out = 619	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = time	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 10470, size_out = 10470	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3596, size_out = 3596	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3529, size_out = 3529	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 735, size_out = 735	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4170, size_out = 4170	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 817, size_out = 817	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 331, size_out = 331	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2357, size_out = 2357	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 187, size_out = 187	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3665, size_out = 3665	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 3856, size_out = 3856	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 333, size_out = 333	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\rt.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\rt.jar, type = time	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\jce.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\jce.jar, type = time	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, type = file_attributes	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 2915, size_out = 2915	1	Fn Data
File	Create	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, type = time	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 328, size_out = 328	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 350, size_out = 350	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 160, size_out = 160	3	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 213, size_out = 213	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 1319, size_out = 1319	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 151, size_out = 151	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 92, size_out = 92	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4096, size_out = 4096	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 47, size_out = 47	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 115, size_out = 115	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 502, size_out = 502	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 807, size_out = 807	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 530, size_out = 530	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 1987, size_out = 1987	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 706, size_out = 706	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4096, size_out = 4096	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 3777, size_out = 3777	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 3082, size_out = 3082	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4270, size_out = 4270	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8559, size_out = 8559	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6031, size_out = 6031	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\bin\net.dll, type = file_attributes	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 671, size_out = 671	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1961, size_out = 1961	1	Fn Data
DNS	Get Hostname	name_out = ZgW5tdPu	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3287, size_out = 3287	1	Fn Data
DNS	Resolve Name	host = ZgW5tdPu, address_out = fe80:0000:0000:0000:5969:84a4:f9e2:1f2b, 192.168.0.60	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp, type = file_attributes	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 383, size_out = 383	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3661, size_out = 3661	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 292, size_out = 292	1	Fn Data
File	Create	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, type = time	1	Fn
File	Create	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 389, size_out = 389	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 411, size_out = 411	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 194, size_out = 194	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 242, size_out = 242	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 1318, size_out = 1318	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 153, size_out = 153	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 209, size_out = 209	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 883, size_out = 883	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 994, size_out = 994	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 780, size_out = 780	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 206, size_out = 206	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 533, size_out = 533	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 775, size_out = 775	1	Fn Data
File	Create	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = time	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 301, size_out = 301	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 8192, size_out = 8192	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3596, size_out = 3596	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3529, size_out = 3529	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3596, size_out = 3596	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3529, size_out = 3529	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1137, size_out = 1137	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1486, size_out = 1486	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1009, size_out = 1009	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1052, size_out = 1052	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 269, size_out = 269	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1438, size_out = 1438	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 2684, size_out = 2684	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 157, size_out = 157	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 902, size_out = 902	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1516, size_out = 1516	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 925, size_out = 925	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1403, size_out = 1403	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 684, size_out = 684	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 2171, size_out = 2171	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1421, size_out = 1421	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 694, size_out = 694	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 171, size_out = 171	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1111, size_out = 1111	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 814, size_out = 814	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 608, size_out = 608	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 677, size_out = 677	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 274, size_out = 274	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1343, size_out = 1343	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 541, size_out = 541	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 2912, size_out = 2912	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1249, size_out = 1249	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1311, size_out = 1311	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 265, size_out = 265	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1605, size_out = 1605	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 557, size_out = 557	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 173, size_out = 173	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 2789, size_out = 2789	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
For performance reasons, the remaining 1482 entries are omitted. The remaining entries can be found in glog.xml.

Thread 0xd4c

Category	Operation	Information	Count	Logfile
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 541, size_out = 541	1	Fn Data

Thread 0xd9c

Category	Operation	Information	Count	Logfile
Module	Load	module_name = COMCTL32.dll, base_address = 0x73ee0000	1	Fn
Module	Get Address	module_name = c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll, function = InitCommonControlsEx, address_out = 0x73f009ce	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = LoadIconW, address_out = 0x76b4f142	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = RegisterClassW, address_out = 0x76b4ed4a	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = GetDC, address_out = 0x76b5544c	1	Fn
Module	Load	module_name = GDI32.dll, base_address = 0x754f0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\gdi32.dll, function = GetDeviceCaps, address_out = 0x754f6f7f	2	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = ReleaseDC, address_out = 0x76b55421	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = CreateWindowExW, address_out = 0x76b4ec7c	1	Fn
Window	Create	window_name = theAwtToolkitWindow, class_name = SunAwtToolkit, wndproc_parameter = 0	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = DefWindowProcW, address_out = 0x76b5507d	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = SetWindowsHookExW, address_out = 0x76b4e30c	1	Fn
System	Register Hook	type = WH_GETMESSAGE, hookproc_address = 0x6d1b1da0	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = OleInitialize, address_out = 0x7637efd7	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 569, size_out = 569	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 333, size_out = 333	1	Fn Data
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = WaitMessage, address_out = 0x76b566bd	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PeekMessageW, address_out = 0x76b5634a	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = IsWindow, address_out = 0x76b553ba	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = GetWindowThreadProcessId, address_out = 0x76b4ee32	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = SendMessageW, address_out = 0x76b55539	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = CallNextHookEx, address_out = 0x76b4abe1	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = TranslateMessage, address_out = 0x76b564c7	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = DispatchMessageW, address_out = 0x76b5cc61	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = EnumThreadWindows, address_out = 0x76b4b712	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PostMessageW, address_out = 0x76b5447b	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PostQuitMessage, address_out = 0x76b4b308	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = OleUninitialize, address_out = 0x7637eba1	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = GetMessageW, address_out = 0x76b5cde8	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = DestroyWindow, address_out = 0x76b4b2f4	1	Fn

Thread 0xdac

233

Category	Operation	Information	Count	Logfile
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.77866636596601243045465905282659207.class, size = 390, size_out = 390	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 448, size_out = 448	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4013, size_out = 4013	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1566, size_out = 1566	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 402, size_out = 402	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1366, size_out = 1366	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 9311, size_out = 9311	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3572, size_out = 3572	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1619, size_out = 1619	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2404, size_out = 2404	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3013, size_out = 3013	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1708, size_out = 1708	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2879, size_out = 2879	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1285, size_out = 1285	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1398, size_out = 1398	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1090, size_out = 1090	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3789, size_out = 3789	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 436, size_out = 436	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 792, size_out = 792	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 384, size_out = 384	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 78, size_out = 78	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1217, size_out = 1217	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 480, size_out = 480	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 622, size_out = 622	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 76, size_out = 76	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 527, size_out = 527	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 4051, size_out = 4051	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 7991, size_out = 7991	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 704, size_out = 704	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8401, size_out = 8401	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2096, size_out = 2096	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2691, size_out = 2691	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1111, size_out = 1111	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1664, size_out = 1664	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Write	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, size = 276	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6028, size_out = 6028	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7832, size_out = 7832	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 382, size_out = 382	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5512, size_out = 5512	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 949, size_out = 949	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1167, size_out = 1167	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1731, size_out = 1731	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1427, size_out = 1427	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1429, size_out = 1429	1	Fn Data
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, os_pid = 0xdb4, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1873, size_out = 1873	1	Fn Data
File	Read	size = 8192, size_out = 108	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
Process	Terminate	exit_code = 1	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Write	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, size = 281	1	Fn Data
System	Get Info	type = Operating System	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, os_pid = 0xe1c, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Read	size = 8192, size_out = 108	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
Process	Terminate	exit_code = 1	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, type = file_attributes	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = xcopy "C:\Program Files\Java\jre7" "C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\" /e, os_pid = 0xe88, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, size = 8192, size_out = 40	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, size = 8192, size_out = 39	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, size = 8192, size_out = 0	2	Fn
Process	Terminate	exit_code = 1	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, type = file_attributes	1	Fn
File	Create	filename = C:\Windows\System32\test.txt, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1396, size_out = 1396	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 582, size_out = 582	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 46400, size_out = 46400	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 263, size_out = 263	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 357, size_out = 357	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5472, size_out = 5472	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3241, size_out = 3241	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 784, size_out = 784	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1886, size_out = 1886	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5529, size_out = 5529	1	Fn Data
File	Get Info	filename = C:\Program Files\Java\jre7\bin\net.dll, type = file_attributes	3	Fn
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1188, size_out = 1188	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 213, size_out = 213	1	Fn Data
Module	Load	module_name = IPHLPAPI.DLL, base_address = 0x738f0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetIfTable, address_out = 0x738fae94	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetFriendlyIfIndex, address_out = 0x738fd855	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetIpAddrTable, address_out = 0x738f9bb0	1	Fn

Thread 0x718

Category	Operation	Information	Success	Count	Logfile
System	Sleep	duration = 100 milliseconds (0.100 seconds)		1	Fn

Process #3: cmd.exe

Information	Value
ID	#3
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:29, Reason: Child Process
Unmonitor	End Time: 00:00:42, Reason: Self Terminated
Monitor Duration	00:00:13

OS Process Information

Information	Value
PID	0xd64
Parent PID	0xcc0 (c:\program files\java\jre7\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x D68

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000050000	0x00050000	0x00056fff	Pagefile Backed Memory	-	-	-
private_0x0000000000060000	0x00060000	0x0015ffff	Private Memory	-	-	-
pagefile_0x0000000000160000	0x00160000	0x00161fff	Pagefile Backed Memory	-	-	-
private_0x0000000000170000	0x00170000	0x00170fff	Private Memory	-	-	-
private_0x0000000000180000	0x00180000	0x00180fff	Private Memory	-	-	-
cscript.exe	0x00190000	0x001b1fff	Memory Mapped File	-	-	-
private_0x00000000001c0000	0x001c0000	0x002bffff	Private Memory	-	-	-
locale.nls	0x002c0000	0x00326fff	Memory Mapped File	-	-	-
cscript.exe.mui	0x00330000	0x00332fff	Memory Mapped File	-	-	-
private_0x00000000003f0000	0x003f0000	0x003fffff	Private Memory	-	-	-
pagefile_0x0000000000400000	0x00400000	0x004c7fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000004d0000	0x004d0000	0x005d0fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000005e0000	0x005e0000	0x011dffff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000011e0000	0x011e0000	0x0146afff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x01470000	0x0173efff	Memory Mapped File	-	-	-
cmd.exe	0x4a430000	0x4a47bfff	Memory Mapped File	-	-	-
winbrand.dll	0x6e390000	0x6e396fff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0xd68

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:49:34 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10885141	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x4a430000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\Desktop, type = file_attributes	2	Fn
Environment	Set Environment String	name = =C:, value = C:\Users\2XC7u663GxWc\Desktop	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x7557ac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x75583ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x75592732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0xd78, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #4: cscript.exe

Information	Value
ID	#4
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:30, Reason: Child Process
Unmonitor	End Time: 00:00:42, Reason: Self Terminated
Monitor Duration	00:00:12

OS Process Information

Information	Value
PID	0xd78
Parent PID	0xd64 (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x D7C 0x D84 0x D88 0x D8C 0x D90 0x DA0 0x DA4 0x DA8

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00040000	0x000a6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000b0000	0x000b0000	0x00177fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000180000	0x00180000	0x00186fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000190000	0x00190000	0x00191fff	Pagefile Backed Memory	-	-	-
private_0x00000000001a0000	0x001a0000	0x0029ffff	Private Memory	-	-	-
pagefile_0x00000000002a0000	0x002a0000	0x003a0fff	Pagefile Backed Memory	-	-	-
cscript.exe.mui	0x003b0000	0x003b2fff	Memory Mapped File	-	-	-
private_0x00000000003c0000	0x003c0000	0x003c0fff	Private Memory	-	-	-
private_0x00000000003d0000	0x003d0000	0x003d0fff	Private Memory	-	-	-
rpcss.dll	0x003e0000	0x0043bfff	Memory Mapped File	-	-	-
cscript.exe	0x003e0000	0x003ebfff	Memory Mapped File	-	-	-
pagefile_0x00000000003f0000	0x003f0000	0x003f0fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000400000	0x00400000	0x00400fff	Pagefile Backed Memory	-	-	-
retrive2955724691501239824.vbs	0x00410000	0x00410fff	Memory Mapped File	-	-	-
rsaenh.dll	0x00410000	0x0044bfff	Memory Mapped File	-	-	-
private_0x0000000000410000	0x00410000	0x0041ffff	Private Memory	-	-	-
retrive2955724691501239824.vbs	0x00420000	0x00420fff	Memory Mapped File	-	-	-
wbemdisp.tlb	0x00420000	0x0042efff	Memory Mapped File	-	-	-
private_0x0000000000450000	0x00450000	0x0045ffff	Private Memory	-	-	-
private_0x0000000000460000	0x00460000	0x0055ffff	Private Memory	-	-	-
private_0x0000000000560000	0x00560000	0x0067ffff	Private Memory	-	-	-
pagefile_0x0000000000560000	0x00560000	0x0063efff	Pagefile Backed Memory	-	-	-
private_0x0000000000640000	0x00640000	0x0067ffff	Private Memory	-	-	-
private_0x0000000000680000	0x00680000	0x0077ffff	Private Memory	-	-	-
sortdefault.nls	0x00780000	0x00a4efff	Memory Mapped File	-	-	-
private_0x0000000000a90000	0x00a90000	0x00b8ffff	Private Memory	-	-	-
private_0x0000000000c00000	0x00c00000	0x00cfffff	Private Memory	-	-	-
cscript.exe	0x00d10000	0x00d31fff	Memory Mapped File	-	-	-
pagefile_0x0000000000d40000	0x00d40000	0x0193ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001940000	0x01940000	0x01d3ffff	Pagefile Backed Memory	-	-	-
private_0x0000000001d80000	0x01d80000	0x01e7ffff	Private Memory	-	-	-
private_0x0000000001e80000	0x01e80000	0x01f4ffff	Private Memory	-	-	-
private_0x0000000001f50000	0x01f50000	0x0204ffff	Private Memory	-	-	-
private_0x0000000002050000	0x02050000	0x0222ffff	Private Memory	-	-	-
private_0x0000000002050000	0x02050000	0x021bffff	Private Memory	-	-	-
private_0x00000000021f0000	0x021f0000	0x0222ffff	Private Memory	-	-	-
private_0x0000000002330000	0x02330000	0x0242ffff	Private Memory	-	-	-
private_0x0000000002450000	0x02450000	0x0254ffff	Private Memory	-	-	-
private_0x0000000002550000	0x02550000	0x0264ffff	Private Memory	-	-	-
comctl32.dll	0x6ced0000	0x6cf53fff	Memory Mapped File	-	-	-
vbscript.dll	0x6cf60000	0x6cfcafff	Memory Mapped File	-	-	-
wmiutils.dll	0x70770000	0x70786fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70970000	0x7097efff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x71280000	0x712dbfff	Memory Mapped File	-	-	-
wbemdisp.dll	0x71fa0000	0x71fd0fff	Memory Mapped File	-	-	-
scrobj.dll	0x720b0000	0x720dcfff	Memory Mapped File	-	-	-
wshext.dll	0x720e0000	0x720f5fff	Memory Mapped File	-	-	-
msisip.dll	0x72100000	0x72107fff	Memory Mapped File	-	-	-
dwmapi.dll	0x731f0000	0x73202fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
version.dll	0x74450000	0x74458fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
sxs.dll	0x74e60000	0x74ebefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x74ef0000	0x74efdfff	Memory Mapped File	-	-	-
msasn1.dll	0x74f70000	0x74f7bfff	Memory Mapped File	-	-	-
crypt32.dll	0x74f80000	0x7509cfff	Memory Mapped File	-	-	-
wintrust.dll	0x750c0000	0x750ecfff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
clbcatq.dll	0x75460000	0x754e2fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
shell32.dll	0x75700000	0x76349fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0xd7c

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:49:35 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10885640	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0xd10000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 100, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 100, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 100, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x75594157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 213, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 213, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 176, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 176, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x763a9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 10886576	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, protection = PAGE_READONLY, maximum_size = 276	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x752a2102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x752a3352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x752a3825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive2955724691501239824.vbs, size = 276, size_out = 276	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x763a6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x7636cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x7528ca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x7636c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0xd88

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 4530984		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 4530984		1	Fn

Process #6: cmd.exe

Information	Value
ID	#6
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:40, Reason: Child Process
Unmonitor	End Time: 00:00:43, Reason: Self Terminated
Monitor Duration	00:00:03

OS Process Information

Information	Value
PID	0xdb4
Parent PID	0xd18 (c:\program files\java\jre7\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x DB8

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x00187fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000190000	0x00190000	0x00196fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000001a0000	0x001a0000	0x001a1fff	Pagefile Backed Memory	-	-	-
private_0x00000000001b0000	0x001b0000	0x001b0fff	Private Memory	-	-	-
private_0x00000000001c0000	0x001c0000	0x002bffff	Private Memory	-	-	-
pagefile_0x00000000002c0000	0x002c0000	0x003c0fff	Pagefile Backed Memory	-	-	-
private_0x00000000003d0000	0x003d0000	0x003d0fff	Private Memory	-	-	-
cscript.exe	0x003e0000	0x00401fff	Memory Mapped File	-	-	-
cscript.exe.mui	0x00410000	0x00412fff	Memory Mapped File	-	-	-
private_0x0000000000420000	0x00420000	0x0042ffff	Private Memory	-	-	-
private_0x0000000000470000	0x00470000	0x0056ffff	Private Memory	-	-	-
pagefile_0x0000000000570000	0x00570000	0x0116ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001170000	0x01170000	0x013fafff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x01400000	0x016cefff	Memory Mapped File	-	-	-
cmd.exe	0x4a430000	0x4a47bfff	Memory Mapped File	-	-	-
winbrand.dll	0x6e390000	0x6e396fff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0xdb8

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:49:40 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10891178	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x4a430000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\Desktop, type = file_attributes	2	Fn
Environment	Set Environment String	name = =C:, value = C:\Users\2XC7u663GxWc\Desktop	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x7557ac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x75583ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x75592732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0xdc8, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #7: cscript.exe

Information	Value
ID	#7
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:40, Reason: Child Process
Unmonitor	End Time: 00:00:43, Reason: Self Terminated
Monitor Duration	00:00:03

OS Process Information

Information	Value
PID	0xdc8
Parent PID	0xdb4 (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x DCC 0x DD0 0x DD4 0x DD8 0x DDC 0x DE4 0x DEC 0x DF0

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00040000	0x000a6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000b0000	0x000b0000	0x000b6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c1fff	Pagefile Backed Memory	-	-	-
cscript.exe.mui	0x000d0000	0x000d2fff	Memory Mapped File	-	-	-
private_0x00000000000e0000	0x000e0000	0x000e0fff	Private Memory	-	-	-
private_0x00000000000f0000	0x000f0000	0x000f0fff	Private Memory	-	-	-
cscript.exe	0x00100000	0x0010bfff	Memory Mapped File	-	-	-
private_0x0000000000110000	0x00110000	0x0020ffff	Private Memory	-	-	-
pagefile_0x0000000000210000	0x00210000	0x002d7fff	Pagefile Backed Memory	-	-	-
rpcss.dll	0x002e0000	0x0033bfff	Memory Mapped File	-	-	-
pagefile_0x00000000002e0000	0x002e0000	0x002e0fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000002f0000	0x002f0000	0x002f0fff	Pagefile Backed Memory	-	-	-
retrive3009091646390096651.vbs	0x00300000	0x00300fff	Memory Mapped File	-	-	-
rsaenh.dll	0x00300000	0x0033bfff	Memory Mapped File	-	-	-
private_0x0000000000300000	0x00300000	0x0030ffff	Private Memory	-	-	-
retrive3009091646390096651.vbs	0x00310000	0x00310fff	Memory Mapped File	-	-	-
wbemdisp.tlb	0x00310000	0x0031efff	Memory Mapped File	-	-	-
private_0x0000000000340000	0x00340000	0x0034ffff	Private Memory	-	-	-
private_0x0000000000360000	0x00360000	0x0045ffff	Private Memory	-	-	-
pagefile_0x0000000000460000	0x00460000	0x00560fff	Pagefile Backed Memory	-	-	-
private_0x0000000000570000	0x00570000	0x006cffff	Private Memory	-	-	-
pagefile_0x0000000000570000	0x00570000	0x0064efff	Pagefile Backed Memory	-	-	-
private_0x0000000000690000	0x00690000	0x006cffff	Private Memory	-	-	-
private_0x00000000006d0000	0x006d0000	0x0072ffff	Private Memory	-	-	-
private_0x0000000000800000	0x00800000	0x008fffff	Private Memory	-	-	-
sortdefault.nls	0x00900000	0x00bcefff	Memory Mapped File	-	-	-
private_0x0000000000bf0000	0x00bf0000	0x00ceffff	Private Memory	-	-	-
cscript.exe	0x00d10000	0x00d31fff	Memory Mapped File	-	-	-
pagefile_0x0000000000d40000	0x00d40000	0x0193ffff	Pagefile Backed Memory	-	-	-
private_0x0000000001940000	0x01940000	0x01a3ffff	Private Memory	-	-	-
private_0x0000000001a40000	0x01a40000	0x01b3ffff	Private Memory	-	-	-
pagefile_0x0000000001b40000	0x01b40000	0x01f3ffff	Pagefile Backed Memory	-	-	-
private_0x0000000001f80000	0x01f80000	0x0207ffff	Private Memory	-	-	-
private_0x0000000002080000	0x02080000	0x0217ffff	Private Memory	-	-	-
private_0x0000000002180000	0x02180000	0x0229ffff	Private Memory	-	-	-
private_0x0000000002360000	0x02360000	0x0245ffff	Private Memory	-	-	-
private_0x00000000024a0000	0x024a0000	0x0259ffff	Private Memory	-	-	-
private_0x00000000025b0000	0x025b0000	0x026affff	Private Memory	-	-	-
comctl32.dll	0x6ced0000	0x6cf53fff	Memory Mapped File	-	-	-
vbscript.dll	0x6cf60000	0x6cfcafff	Memory Mapped File	-	-	-
wmiutils.dll	0x70770000	0x70786fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70970000	0x7097efff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x71280000	0x712dbfff	Memory Mapped File	-	-	-
wbemdisp.dll	0x71fa0000	0x71fd0fff	Memory Mapped File	-	-	-
scrobj.dll	0x720b0000	0x720dcfff	Memory Mapped File	-	-	-
wshext.dll	0x720e0000	0x720f5fff	Memory Mapped File	-	-	-
msisip.dll	0x72100000	0x72107fff	Memory Mapped File	-	-	-
dwmapi.dll	0x731f0000	0x73202fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
version.dll	0x74450000	0x74458fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
sxs.dll	0x74e60000	0x74ebefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x74ef0000	0x74efdfff	Memory Mapped File	-	-	-
msasn1.dll	0x74f70000	0x74f7bfff	Memory Mapped File	-	-	-
crypt32.dll	0x74f80000	0x7509cfff	Memory Mapped File	-	-	-
wintrust.dll	0x750c0000	0x750ecfff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
clbcatq.dll	0x75460000	0x754e2fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
shell32.dll	0x75700000	0x76349fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd3000	0x7ffd3000	0x7ffd3fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0xdcc

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:49:40 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10891272	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0xd10000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 196, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 196, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 196, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x75594157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 54, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 54, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 16, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 16, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x763a9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 10891490	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, protection = PAGE_READONLY, maximum_size = 276	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x752a2102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x752a3352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x752a3825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3009091646390096651.vbs, size = 276, size_out = 276	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x763a6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x7636cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x7528ca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x7636c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0xdd4

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 3416872		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 3416872		1	Fn

Process #10: cmd.exe

Information	Value
ID	#10
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:41, Reason: Child Process
Unmonitor	End Time: 00:00:43, Reason: Self Terminated
Monitor Duration	00:00:02

OS Process Information

Information	Value
PID	0xdf8
Parent PID	0xcc0 (c:\program files\java\jre7\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x DFC

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
private_0x0000000000050000	0x00050000	0x0005ffff	Private Memory	-	-	-
pagefile_0x0000000000060000	0x00060000	0x00066fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000070000	0x00070000	0x00071fff	Pagefile Backed Memory	-	-	-
private_0x0000000000080000	0x00080000	0x00080fff	Private Memory	-	-	-
private_0x0000000000090000	0x00090000	0x0018ffff	Private Memory	-	-	-
private_0x0000000000190000	0x00190000	0x00190fff	Private Memory	-	-	-
cscript.exe	0x001a0000	0x001c1fff	Memory Mapped File	-	-	-
cscript.exe.mui	0x001d0000	0x001d2fff	Memory Mapped File	-	-	-
private_0x00000000001e0000	0x001e0000	0x002dffff	Private Memory	-	-	-
locale.nls	0x002e0000	0x00346fff	Memory Mapped File	-	-	-
pagefile_0x0000000000350000	0x00350000	0x00417fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000420000	0x00420000	0x00520fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000530000	0x00530000	0x0112ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001130000	0x01130000	0x013bafff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x013c0000	0x0168efff	Memory Mapped File	-	-	-
cmd.exe	0x4a430000	0x4a47bfff	Memory Mapped File	-	-	-
winbrand.dll	0x6e390000	0x6e396fff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0xdfc

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:49:42 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10892645	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x4a430000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\Desktop, type = file_attributes	2	Fn
Environment	Set Environment String	name = =C:, value = C:\Users\2XC7u663GxWc\Desktop	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x7557ac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x75583ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x75592732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0xe0c, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #11: cscript.exe

Information	Value
ID	#11
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:42, Reason: Child Process
Unmonitor	End Time: 00:00:43, Reason: Self Terminated
Monitor Duration	00:00:01

OS Process Information

Information	Value
PID	0xe0c
Parent PID	0xdf8 (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x E10 0x E18 0x E2C 0x E34 0x E38 0x E3C 0x E40 0x E44

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00040000	0x000a6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000b0000	0x000b0000	0x000b6fff	Pagefile Backed Memory	-	-	-
private_0x00000000000c0000	0x000c0000	0x000cffff	Private Memory	-	-	-
pagefile_0x00000000000d0000	0x000d0000	0x00197fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000001a0000	0x001a0000	0x001a1fff	Pagefile Backed Memory	-	-	-
private_0x00000000001b0000	0x001b0000	0x002affff	Private Memory	-	-	-
pagefile_0x00000000002b0000	0x002b0000	0x003b0fff	Pagefile Backed Memory	-	-	-
cscript.exe.mui	0x003c0000	0x003c2fff	Memory Mapped File	-	-	-
private_0x00000000003d0000	0x003d0000	0x004cffff	Private Memory	-	-	-
private_0x00000000004d0000	0x004d0000	0x004d0fff	Private Memory	-	-	-
private_0x00000000004e0000	0x004e0000	0x004e0fff	Private Memory	-	-	-
rpcss.dll	0x004f0000	0x0054bfff	Memory Mapped File	-	-	-
private_0x00000000004f0000	0x004f0000	0x005fffff	Private Memory	-	-	-
cscript.exe	0x004f0000	0x004fbfff	Memory Mapped File	-	-	-
pagefile_0x0000000000500000	0x00500000	0x00500fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000510000	0x00510000	0x00510fff	Pagefile Backed Memory	-	-	-
retrive4432003530389164433.vbs	0x00520000	0x00520fff	Memory Mapped File	-	-	-
rsaenh.dll	0x00520000	0x0055bfff	Memory Mapped File	-	-	-
private_0x0000000000520000	0x00520000	0x0052ffff	Private Memory	-	-	-
retrive4432003530389164433.vbs	0x00530000	0x00530fff	Memory Mapped File	-	-	-
wbemdisp.tlb	0x00530000	0x0053efff	Memory Mapped File	-	-	-
private_0x00000000005c0000	0x005c0000	0x005fffff	Private Memory	-	-	-
pagefile_0x0000000000600000	0x00600000	0x006defff	Pagefile Backed Memory	-	-	-
private_0x0000000000730000	0x00730000	0x0082ffff	Private Memory	-	-	-
private_0x0000000000880000	0x00880000	0x0097ffff	Private Memory	-	-	-
sortdefault.nls	0x00980000	0x00c4efff	Memory Mapped File	-	-	-
cscript.exe	0x00d10000	0x00d31fff	Memory Mapped File	-	-	-
pagefile_0x0000000000d40000	0x00d40000	0x0193ffff	Pagefile Backed Memory	-	-	-
private_0x00000000019b0000	0x019b0000	0x01aaffff	Private Memory	-	-	-
pagefile_0x0000000001ab0000	0x01ab0000	0x01eaffff	Pagefile Backed Memory	-	-	-
private_0x0000000001eb0000	0x01eb0000	0x01ffffff	Private Memory	-	-	-
private_0x0000000001eb0000	0x01eb0000	0x01faffff	Private Memory	-	-	-
private_0x0000000001ff0000	0x01ff0000	0x01ffffff	Private Memory	-	-	-
private_0x0000000002020000	0x02020000	0x0211ffff	Private Memory	-	-	-
private_0x0000000002120000	0x02120000	0x0221ffff	Private Memory	-	-	-
private_0x0000000002220000	0x02220000	0x0235ffff	Private Memory	-	-	-
private_0x00000000023c0000	0x023c0000	0x024bffff	Private Memory	-	-	-
private_0x00000000024d0000	0x024d0000	0x025cffff	Private Memory	-	-	-
private_0x0000000002640000	0x02640000	0x0273ffff	Private Memory	-	-	-
comctl32.dll	0x6ce60000	0x6cee3fff	Memory Mapped File	-	-	-
vbscript.dll	0x6cef0000	0x6cf5afff	Memory Mapped File	-	-	-
wbemdisp.dll	0x6cf90000	0x6cfc0fff	Memory Mapped File	-	-	-
wmiutils.dll	0x70770000	0x70786fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70970000	0x7097efff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x71280000	0x712dbfff	Memory Mapped File	-	-	-
scrobj.dll	0x71fb0000	0x71fdcfff	Memory Mapped File	-	-	-
wshext.dll	0x720d0000	0x720e5fff	Memory Mapped File	-	-	-
msisip.dll	0x720f0000	0x720f7fff	Memory Mapped File	-	-	-
dwmapi.dll	0x731f0000	0x73202fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
version.dll	0x74450000	0x74458fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
sxs.dll	0x74e60000	0x74ebefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x74ef0000	0x74efdfff	Memory Mapped File	-	-	-
msasn1.dll	0x74f70000	0x74f7bfff	Memory Mapped File	-	-	-
crypt32.dll	0x74f80000	0x7509cfff	Memory Mapped File	-	-	-
wintrust.dll	0x750c0000	0x750ecfff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
clbcatq.dll	0x75460000	0x754e2fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
shell32.dll	0x75700000	0x76349fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0xe10

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:49:42 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10892707	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0xd10000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 228, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 228, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 228, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x75594157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 181, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 181, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 48, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 48, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x763a9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 10892785	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, protection = PAGE_READONLY, maximum_size = 281	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x752a2102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x752a3352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x752a3825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs, size = 281, size_out = 281	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x763a6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x7636cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x7528ca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x7636c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0xe2c

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 795432		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 795432		1	Fn

Process #12: cmd.exe

Information	Value
ID	#12
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:42, Reason: Child Process
Unmonitor	End Time: 00:00:44, Reason: Self Terminated
Monitor Duration	00:00:02

OS Process Information

Information	Value
PID	0xe1c
Parent PID	0xd18 (c:\program files\java\jre7\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x E20

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000d0000	0x000d0000	0x000d1fff	Pagefile Backed Memory	-	-	-
private_0x00000000000e0000	0x000e0000	0x000effff	Private Memory	-	-	-
pagefile_0x00000000000f0000	0x000f0000	0x001b7fff	Pagefile Backed Memory	-	-	-
private_0x00000000001c0000	0x001c0000	0x001c0fff	Private Memory	-	-	-
private_0x00000000001d0000	0x001d0000	0x001d0fff	Private Memory	-	-	-
cscript.exe	0x001e0000	0x00201fff	Memory Mapped File	-	-	-
cscript.exe.mui	0x00210000	0x00212fff	Memory Mapped File	-	-	-
private_0x0000000000220000	0x00220000	0x0031ffff	Private Memory	-	-	-
pagefile_0x0000000000320000	0x00320000	0x00420fff	Pagefile Backed Memory	-	-	-
private_0x0000000000480000	0x00480000	0x0057ffff	Private Memory	-	-	-
pagefile_0x0000000000580000	0x00580000	0x0117ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001180000	0x01180000	0x0140afff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x01410000	0x016defff	Memory Mapped File	-	-	-
cmd.exe	0x4a430000	0x4a47bfff	Memory Mapped File	-	-	-
winbrand.dll	0x6e390000	0x6e396fff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0xe20

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:49:42 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10892910	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x4a430000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\Desktop, type = file_attributes	2	Fn
Environment	Set Environment String	name = =C:, value = C:\Users\2XC7u663GxWc\Desktop	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x7557ac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x75583ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x75592732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0xe48, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #13: cscript.exe

Information	Value
ID	#13
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:42, Reason: Child Process
Unmonitor	End Time: 00:00:44, Reason: Self Terminated
Monitor Duration	00:00:02

OS Process Information

Information	Value
PID	0xe48
Parent PID	0xe1c (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x E4C 0x E54 0x E60 0x E6C 0x E70 0x E74 0x E7C 0x E80

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00040000	0x000a6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000b0000	0x000b0000	0x000b6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c1fff	Pagefile Backed Memory	-	-	-
cscript.exe.mui	0x000d0000	0x000d2fff	Memory Mapped File	-	-	-
private_0x00000000000e0000	0x000e0000	0x000e0fff	Private Memory	-	-	-
private_0x00000000000f0000	0x000f0000	0x000f0fff	Private Memory	-	-	-
cscript.exe	0x00100000	0x0010bfff	Memory Mapped File	-	-	-
pagefile_0x0000000000110000	0x00110000	0x00110fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000120000	0x00120000	0x00120fff	Pagefile Backed Memory	-	-	-
retrive8453022226677560905.vbs	0x00130000	0x00130fff	Memory Mapped File	-	-	-
private_0x0000000000130000	0x00130000	0x0013ffff	Private Memory	-	-	-
retrive8453022226677560905.vbs	0x00140000	0x00140fff	Memory Mapped File	-	-	-
wbemdisp.tlb	0x00140000	0x0014efff	Memory Mapped File	-	-	-
private_0x0000000000150000	0x00150000	0x0015ffff	Private Memory	-	-	-
rpcss.dll	0x00160000	0x001bbfff	Memory Mapped File	-	-	-
rsaenh.dll	0x00160000	0x0019bfff	Memory Mapped File	-	-	-
private_0x00000000001d0000	0x001d0000	0x002cffff	Private Memory	-	-	-
pagefile_0x00000000002d0000	0x002d0000	0x00397fff	Pagefile Backed Memory	-	-	-
private_0x0000000000450000	0x00450000	0x0054ffff	Private Memory	-	-	-
pagefile_0x0000000000550000	0x00550000	0x00650fff	Pagefile Backed Memory	-	-	-
private_0x0000000000660000	0x00660000	0x0071ffff	Private Memory	-	-	-
pagefile_0x0000000000720000	0x00720000	0x007fefff	Pagefile Backed Memory	-	-	-
private_0x0000000000800000	0x00800000	0x0096ffff	Private Memory	-	-	-
private_0x0000000000800000	0x00800000	0x008fffff	Private Memory	-	-	-
private_0x0000000000960000	0x00960000	0x0096ffff	Private Memory	-	-	-
private_0x0000000000970000	0x00970000	0x00a6ffff	Private Memory	-	-	-
private_0x0000000000b70000	0x00b70000	0x00c6ffff	Private Memory	-	-	-
cscript.exe	0x00d10000	0x00d31fff	Memory Mapped File	-	-	-
pagefile_0x0000000000d40000	0x00d40000	0x0193ffff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x01940000	0x01c0efff	Memory Mapped File	-	-	-
private_0x0000000001cf0000	0x01cf0000	0x01deffff	Private Memory	-	-	-
pagefile_0x0000000001df0000	0x01df0000	0x021effff	Pagefile Backed Memory	-	-	-
private_0x00000000021f0000	0x021f0000	0x022effff	Private Memory	-	-	-
private_0x00000000022f0000	0x022f0000	0x024cffff	Private Memory	-	-	-
private_0x0000000002390000	0x02390000	0x0248ffff	Private Memory	-	-	-
private_0x0000000002490000	0x02490000	0x024cffff	Private Memory	-	-	-
private_0x00000000024d0000	0x024d0000	0x0268ffff	Private Memory	-	-	-
private_0x0000000002500000	0x02500000	0x025fffff	Private Memory	-	-	-
private_0x0000000002650000	0x02650000	0x0268ffff	Private Memory	-	-	-
private_0x00000000026c0000	0x026c0000	0x027bffff	Private Memory	-	-	-
comctl32.dll	0x6ced0000	0x6cf53fff	Memory Mapped File	-	-	-
vbscript.dll	0x6cf60000	0x6cfcafff	Memory Mapped File	-	-	-
wmiutils.dll	0x70770000	0x70786fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70970000	0x7097efff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x71280000	0x712dbfff	Memory Mapped File	-	-	-
wbemdisp.dll	0x71fa0000	0x71fd0fff	Memory Mapped File	-	-	-
scrobj.dll	0x720b0000	0x720dcfff	Memory Mapped File	-	-	-
wshext.dll	0x720e0000	0x720f5fff	Memory Mapped File	-	-	-
msisip.dll	0x72100000	0x72107fff	Memory Mapped File	-	-	-
dwmapi.dll	0x731f0000	0x73202fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
version.dll	0x74450000	0x74458fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
sxs.dll	0x74e60000	0x74ebefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x74ef0000	0x74efdfff	Memory Mapped File	-	-	-
msasn1.dll	0x74f70000	0x74f7bfff	Memory Mapped File	-	-	-
crypt32.dll	0x74f80000	0x7509cfff	Memory Mapped File	-	-	-
wintrust.dll	0x750c0000	0x750ecfff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
clbcatq.dll	0x75460000	0x754e2fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
shell32.dll	0x75700000	0x76349fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd6000	0x7ffd6000	0x7ffd6fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0xe4c

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:49:42 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10893003	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0xd10000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 196, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 196, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 196, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x75594157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 30, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 30, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 16, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 16, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x763a9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 10893159	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, protection = PAGE_READONLY, maximum_size = 281	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x752a2102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x752a3352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x752a3825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive8453022226677560905.vbs, size = 281, size_out = 281	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x763a6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x7636cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x7528ca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x7636c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0xe60

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 1385256		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 1385256		1	Fn

Process #14: xcopy.exe

Information	Value
ID	#14
File Name	c:\windows\system32\xcopy.exe
Command Line	xcopy "C:\Program Files\Java\jre7" "C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\" /e
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:42, Reason: Child Process
Unmonitor	End Time: 00:00:56, Reason: Self Terminated
Monitor Duration	00:00:14
Remark	No high level activity detected in monitored regions

OS Process Information

Information	Value
PID	0xe58
Parent PID	0xcc0 (c:\program files\java\jre7\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x E5C

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
private_0x0000000000080000	0x00080000	0x0017ffff	Private Memory	-	-	-
private_0x00000000001c0000	0x001c0000	0x001fffff	Private Memory	-	-	-
locale.nls	0x00200000	0x00266fff	Memory Mapped File	-	-	-
pagefile_0x0000000000270000	0x00270000	0x00337fff	Pagefile Backed Memory	-	-	-
private_0x0000000000390000	0x00390000	0x0039ffff	Private Memory	-	-	-
xcopy.exe	0x003b0000	0x003bbfff	Memory Mapped File	-	-	-
ifsutil.dll	0x6d8f0000	0x6d916fff	Memory Mapped File	-	-	-
ulib.dll	0x71f80000	0x71f9cfff	Memory Mapped File	-	-	-
devobj.dll	0x750a0000	0x750b1fff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
cfgmgr32.dll	0x751d0000	0x751f6fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
setupapi.dll	0x76c10000	0x76dacfff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd3000	0x7ffd3000	0x7ffd3fff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Process #15: xcopy.exe

Information	Value
ID	#15
File Name	c:\windows\system32\xcopy.exe
Command Line	xcopy "C:\Program Files\Java\jre7" "C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\" /e
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:43, Reason: Child Process
Unmonitor	End Time: 00:01:21, Reason: Self Terminated
Monitor Duration	00:00:38
Remark	No high level activity detected in monitored regions

OS Process Information

Information	Value
PID	0xe88
Parent PID	0xd18 (c:\program files\java\jre7\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x E8C

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
private_0x0000000000070000	0x00070000	0x000affff	Private Memory	-	-	-
private_0x0000000000110000	0x00110000	0x0020ffff	Private Memory	-	-	-
locale.nls	0x00210000	0x00276fff	Memory Mapped File	-	-	-
pagefile_0x0000000000280000	0x00280000	0x00347fff	Pagefile Backed Memory	-	-	-
xcopy.exe	0x003b0000	0x003bbfff	Memory Mapped File	-	-	-
private_0x0000000000580000	0x00580000	0x0058ffff	Private Memory	-	-	-
ifsutil.dll	0x6d8f0000	0x6d916fff	Memory Mapped File	-	-	-
ulib.dll	0x71f80000	0x71f9cfff	Memory Mapped File	-	-	-
devobj.dll	0x750a0000	0x750b1fff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
cfgmgr32.dll	0x751d0000	0x751f6fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
setupapi.dll	0x76c10000	0x76dacfff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Process #16: reg.exe

Information	Value
ID	#16
File Name	c:\windows\system32\reg.exe
Command Line	reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v NTMGCGGUKus /t REG_EXPAND_SZ /d "\"C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe\" -jar \"C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm\"" /f
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:57, Reason: Child Process
Unmonitor	End Time: 00:00:59, Reason: Self Terminated
Monitor Duration	00:00:02

OS Process Information

Information	Value
PID	0xf40
Parent PID	0xcc0 (c:\program files\java\jre7\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x F44

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000050000	0x00050000	0x00056fff	Pagefile Backed Memory	-	-	-
private_0x0000000000060000	0x00060000	0x0009ffff	Private Memory	-	-	-
locale.nls	0x000a0000	0x00106fff	Memory Mapped File	-	-	-
pagefile_0x0000000000110000	0x00110000	0x00111fff	Pagefile Backed Memory	-	-	-
reg.exe.mui	0x00120000	0x00128fff	Memory Mapped File	-	-	-
private_0x0000000000130000	0x00130000	0x00130fff	Private Memory	-	-	-
private_0x0000000000140000	0x00140000	0x00140fff	Private Memory	-	-	-
private_0x0000000000150000	0x00150000	0x0024ffff	Private Memory	-	-	-
private_0x00000000002f0000	0x002f0000	0x002fffff	Private Memory	-	-	-
pagefile_0x0000000000300000	0x00300000	0x003c7fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000003d0000	0x003d0000	0x004d0fff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x004e0000	0x007aefff	Memory Mapped File	-	-	-
kernelbase.dll.mui	0x007b0000	0x0086ffff	Memory Mapped File	-	-	-
reg.exe	0x00a00000	0x00a51fff	Memory Mapped File	-	-	-
pagefile_0x0000000000a60000	0x00a60000	0x0165ffff	Pagefile Backed Memory	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0xf44

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10908525	1	Fn
Module	Get Handle	module_name = c:\windows\system32\reg.exe, base_address = 0xa00000	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, value_name = NTMGCGGUKus	1	Fn
Registry	Write Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, value_name = NTMGCGGUKus, data = "C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe" -jar "C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm", size = 242, type = REG_EXPAND_SZ	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Get Info	filename = STD_OUTPUT_HANDLE, type = file_type	1	Fn

Process #17: attrib.exe

Information	Value
ID	#17
File Name	c:\windows\system32\attrib.exe
Command Line	attrib +h "C:\Users\2XC7u663GxWc\cqsFQOTqbmg\."
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:57, Reason: Child Process
Unmonitor	End Time: 00:01:00, Reason: Self Terminated
Monitor Duration	00:00:03
Remark	No high level activity detected in monitored regions

OS Process Information

Information	Value
PID	0xf48
Parent PID	0xcc0 (c:\program files\java\jre7\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x F4C

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
private_0x0000000000130000	0x00130000	0x0016ffff	Private Memory	-	-	-
private_0x0000000000220000	0x00220000	0x0022ffff	Private Memory	-	-	-
private_0x00000000002d0000	0x002d0000	0x003cffff	Private Memory	-	-	-
pagefile_0x00000000003d0000	0x003d0000	0x00497fff	Pagefile Backed Memory	-	-	-
attrib.exe	0x00620000	0x00626fff	Memory Mapped File	-	-	-
ulib.dll	0x71f80000	0x71f9cfff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd6000	0x7ffd6000	0x7ffd6fff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Process #18: attrib.exe

Information	Value
ID	#18
File Name	c:\windows\system32\attrib.exe
Command Line	attrib +h "C:\Users\2XC7u663GxWc\cqsFQOTqbmg"
Initial Working Directory	C:\Users\2XC7u663GxWc\Desktop\
Monitor	Start Time: 00:00:57, Reason: Child Process
Unmonitor	End Time: 00:00:59, Reason: Self Terminated
Monitor Duration	00:00:02
Remark	No high level activity detected in monitored regions

OS Process Information

Information	Value
PID	0xf50
Parent PID	0xcc0 (c:\program files\java\jre7\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x F54

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
private_0x0000000000170000	0x00170000	0x001affff	Private Memory	-	-	-
pagefile_0x00000000001b0000	0x001b0000	0x00277fff	Pagefile Backed Memory	-	-	-
private_0x0000000000360000	0x00360000	0x0045ffff	Private Memory	-	-	-
attrib.exe	0x00620000	0x00626fff	Memory Mapped File	-	-	-
private_0x0000000000800000	0x00800000	0x0080ffff	Private Memory	-	-	-
ulib.dll	0x71f80000	0x71f9cfff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Process #19: javaw.exe

3499

Information	Value
ID	#19
File Name	c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe
Command Line	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe -jar C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm
Initial Working Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\
Monitor	Start Time: 00:00:57, Reason: Child Process
Unmonitor	End Time: 00:01:21, Reason: Self Terminated
Monitor Duration	00:00:24

OS Process Information

Information	Value
PID	0xf58
Parent PID	0xcc0 (c:\program files\java\jre7\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x F5C 0x F90 0x F94 0x F98 0x F9C 0x FA0 0x FA4 0x FA8 0x FB0 0x FAC 0x FB4 0x FF0 0x FF4 0x FF8 0x 90 0x 978 0x 92C 0x 9F4 0x 25C 0x 3F8

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
private_0x0000000000020000	0x00020000	0x00020fff	Private Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00042fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x00187fff	Pagefile Backed Memory	-	-	-
private_0x0000000000190000	0x00190000	0x00190fff	Private Memory	-	-	-
tzres.dll	0x001a0000	0x001a0fff	Memory Mapped File	-	-	-
pagefile_0x00000000001a0000	0x001a0000	0x001a0fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000001b0000	0x001b0000	0x001b1fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000001c0000	0x001c0000	0x001c6fff	Pagefile Backed Memory	-	-	-
private_0x00000000001d0000	0x001d0000	0x001dffff	Private Memory	-	-	-
javaw.exe	0x001e0000	0x0020efff	Memory Mapped File	-	-	-
private_0x0000000000210000	0x00210000	0x0025ffff	Private Memory	-	-	-
pagefile_0x0000000000260000	0x00260000	0x00360fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000370000	0x00370000	0x00371fff	Pagefile Backed Memory	-	-	-
private_0x0000000000380000	0x00380000	0x00380fff	Private Memory	-	-	-
private_0x0000000000390000	0x00390000	0x00390fff	Private Memory	-	-	-
3928	0x003a0000	0x003affff	Memory Mapped File	rw		... Region Actions Download Dump
private_0x00000000003b0000	0x003b0000	0x0042ffff	Private Memory	-	-	-
private_0x0000000000430000	0x00430000	0x0043ffff	Private Memory	-	-	-
private_0x0000000000440000	0x00440000	0x0044ffff	Private Memory	-	-	-
private_0x0000000000450000	0x00450000	0x0054ffff	Private Memory	-	-	-
pagefile_0x0000000000550000	0x00550000	0x0114ffff	Pagefile Backed Memory	-	-	-
private_0x0000000001150000	0x01150000	0x0124ffff	Private Memory	-	-	-
private_0x0000000001150000	0x01150000	0x011fffff	Private Memory	-	-	-
private_0x0000000001200000	0x01200000	0x0122ffff	Private Memory	-	-	-
private_0x0000000001240000	0x01240000	0x0124ffff	Private Memory	-	-	-
private_0x0000000001250000	0x01250000	0x0134ffff	Private Memory	-	-	-
pagefile_0x0000000001350000	0x01350000	0x01742fff	Pagefile Backed Memory	-	-	-
private_0x0000000001750000	0x01750000	0x018effff	Private Memory	-	-	-
rsaenh.dll	0x01750000	0x0178bfff	Memory Mapped File	-	-	-
private_0x0000000001790000	0x01790000	0x017dffff	Private Memory	-	-	-
private_0x00000000017e0000	0x017e0000	0x018dffff	Private Memory	-	-	-
private_0x00000000018e0000	0x018e0000	0x018effff	Private Memory	-	-	-
private_0x00000000018f0000	0x018f0000	0x01adffff	Private Memory	-	-	-
private_0x00000000018f0000	0x018f0000	0x0194ffff	Private Memory	-	-	-
private_0x0000000001990000	0x01990000	0x019dffff	Private Memory	-	-	-
private_0x0000000001a30000	0x01a30000	0x01a7ffff	Private Memory	-	-	-
private_0x0000000001aa0000	0x01aa0000	0x01adffff	Private Memory	-	-	-
private_0x0000000001ae0000	0x01ae0000	0x03adffff	Private Memory	-	-	-
private_0x0000000003b00000	0x03b00000	0x03b4ffff	Private Memory	-	-	-
private_0x0000000003b50000	0x03b50000	0x03b9ffff	Private Memory	-	-	-
private_0x0000000003ba0000	0x03ba0000	0x03beffff	Private Memory	-	-	-
private_0x0000000003c30000	0x03c30000	0x03c7ffff	Private Memory	-	-	-
private_0x0000000003c80000	0x03c80000	0x03d0ffff	Private Memory	-	-	-
private_0x0000000003d50000	0x03d50000	0x03d9ffff	Private Memory	-	-	-
private_0x0000000003e00000	0x03e00000	0x03e4ffff	Private Memory	-	-	-
private_0x0000000003ec0000	0x03ec0000	0x03f0ffff	Private Memory	-	-	-
private_0x0000000003f10000	0x03f10000	0x0410ffff	Private Memory	-	-	-
sortdefault.nls	0x04110000	0x043defff	Memory Mapped File	-	-	-
private_0x00000000043e0000	0x043e0000	0x045cffff	Private Memory	-	-	-
private_0x00000000043e0000	0x043e0000	0x0458ffff	Private Memory	-	-	-
private_0x00000000043e0000	0x043e0000	0x0453ffff	Private Memory	-	-	-
private_0x00000000043e0000	0x043e0000	0x044dffff	Private Memory	-	-	-
private_0x0000000004500000	0x04500000	0x0453ffff	Private Memory	-	-	-
private_0x0000000004580000	0x04580000	0x0458ffff	Private Memory	-	-	-
private_0x0000000004590000	0x04590000	0x045cffff	Private Memory	-	-	-
private_0x00000000045d0000	0x045d0000	0x047bffff	Private Memory	-	-	-
kernelbase.dll.mui	0x045d0000	0x0468ffff	Memory Mapped File	-	-	-
private_0x00000000046a0000	0x046a0000	0x046effff	Private Memory	-	-	-
private_0x0000000004700000	0x04700000	0x0474ffff	Private Memory	-	-	-
private_0x00000000047b0000	0x047b0000	0x047bffff	Private Memory	-	-	-
private_0x00000000047c0000	0x047c0000	0x04bbffff	Private Memory	-	-	-
private_0x0000000004bc0000	0x04bc0000	0x053bffff	Private Memory	-	-	-
private_0x0000000005410000	0x05410000	0x0545ffff	Private Memory	-	-	-
private_0x00000000236d0000	0x236d0000	0x28c1ffff	Private Memory	-	-	-
private_0x0000000028c20000	0x28c20000	0x336cffff	Private Memory	-	-	-
private_0x00000000336d0000	0x336d0000	0x376cffff	Private Memory	-	-	-
classes.jsa	0x376d0000	0x37b0ffff	Memory Mapped File	-	-	-
private_0x0000000037b10000	0x37b10000	0x380cffff	Private Memory	-	-	-
private_0x00000000380d0000	0x380d0000	0x38ccffff	Private Memory	-	-	-
private_0x00000000380d0000	0x380d0000	0x3871ffff	Private Memory	-	-	-
classes.jsa	0x380d0000	0x3871ffff	Memory Mapped File	-	-	-
private_0x0000000038720000	0x38720000	0x38ccffff	Private Memory	-	-	-
private_0x0000000038cd0000	0x38cd0000	0x390cffff	Private Memory	-	-	-
private_0x0000000038cd0000	0x38cd0000	0x38f3ffff	Private Memory	-	-	-
classes.jsa	0x38cd0000	0x38f3ffff	Memory Mapped File	-	-	-
private_0x0000000038f40000	0x38f40000	0x390cffff	Private Memory	-	-	-
private_0x00000000390d0000	0x390d0000	0x394cffff	Private Memory	-	-	-
private_0x00000000390d0000	0x390d0000	0x390dffff	Private Memory	-	-	-
private_0x00000000390e0000	0x390e0000	0x394cffff	Private Memory	-	-	-
jvm.dll	0x6acb0000	0x6b02ffff	Memory Mapped File	-	-	-
awt.dll	0x6cdc0000	0x6cf02fff	Memory Mapped File	-	-	-
msvcr100.dll	0x6cf10000	0x6cfcefff	Memory Mapped File	-	-	-
winmm.dll	0x70250000	0x70281fff	Memory Mapped File	-	-	-
pnrpnsp.dll	0x71760000	0x71771fff	Memory Mapped File	-	-	-
winrnr.dll	0x71780000	0x71787fff	Memory Mapped File	-	-	-
napinsp.dll	0x717a0000	0x717affff	Memory Mapped File	-	-	-
rasadhlp.dll	0x717b0000	0x717b5fff	Memory Mapped File	-	-	-
net.dll	0x71fa0000	0x71fb3fff	Memory Mapped File	-	-	-
sunec.dll	0x71fc0000	0x71fdffff	Memory Mapped File	-	-	-
nio.dll	0x720b0000	0x720befff	Memory Mapped File	-	-	-
zip.dll	0x720c0000	0x720d2fff	Memory Mapped File	-	-	-
java.dll	0x720e0000	0x720fffff	Memory Mapped File	-	-	-
verify.dll	0x72100000	0x7210bfff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
fwpuclnt.dll	0x737d0000	0x73807fff	Memory Mapped File	-	-	-
winnsi.dll	0x738e0000	0x738e6fff	Memory Mapped File	-	-	-
iphlpapi.dll	0x738f0000	0x7390bfff	Memory Mapped File	-	-	-
nlaapi.dll	0x73a60000	0x73a6ffff	Memory Mapped File	-	-	-
comctl32.dll	0x73ee0000	0x7407dfff	Memory Mapped File	-	-	-
wsock32.dll	0x740b0000	0x740b6fff	Memory Mapped File	-	-	-
wshtcpip.dll	0x744e0000	0x744e4fff	Memory Mapped File	-	-	-
userenv.dll	0x745b0000	0x745c6fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
dnsapi.dll	0x74850000	0x74893fff	Memory Mapped File	-	-	-
wship6.dll	0x74980000	0x74985fff	Memory Mapped File	-	-	-
mswsock.dll	0x74990000	0x749cbfff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
profapi.dll	0x74f00000	0x74f0afff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
psapi.dll	0x76350000	0x76354fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
private_0x000000007ffae000	0x7ffae000	0x7ffaefff	Private Memory	-	-	-
private_0x000000007ffaf000	0x7ffaf000	0x7ffaffff	Private Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd3000	0x7ffd3000	0x7ffd3fff	Private Memory	-	-	-
private_0x000000007ffd4000	0x7ffd4000	0x7ffd4fff	Private Memory	-	-	-
private_0x000000007ffd5000	0x7ffd5000	0x7ffd5fff	Private Memory	-	-	-
private_0x000000007ffd6000	0x7ffd6000	0x7ffd6fff	Private Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-
For performance reasons, the remaining 32 entries are omitted. The remaining entries can be found in flog.txt.

Created Files

Filename	File Size	Hash Values	YARA Match	Actions
C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs	0.27 KB	MD5: a32c109297ed1ca155598cd295c26611 SHA1: dc4a1fdbaad15ddd6fe22d3907c6b03727b71510 SHA256: 45bfe34aa3ef932f75101246eb53d032f5e7cf6d1f5b4e495334955a255f32e7 SSDeep: 6:jpxiFtqvAAT+geD5NaqZxLMTQQQavbx3la2Zp6djsyn:vmtqvAndZFcQU9lrXyjsyn		... File Actions Show Properties Download

Threads

Thread 0xf5c

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:49:57 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10908307	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsAlloc, address_out = 0x7559418d	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsGetValue, address_out = 0x75591e16	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsSetValue, address_out = 0x755976e6	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsFree, address_out = 0x75591f61	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = STD_INPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Get Info	filename = STD_OUTPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_ERROR_HANDLE	1	Fn
File	Get Info	filename = STD_ERROR_HANDLE, type = file_type	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, size = 260	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = file_type	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 22, size_out = 22	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 1024, size_out = 1024	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 100, size_out = 100	1	Fn Data
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, size = 260	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, type = file_type	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, size = 4096, size_out = 686	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, size = 4096, size_out = 0	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsAlloc, address_out = 0x7559418d	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsGetValue, address_out = 0x75591e16	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsSetValue, address_out = 0x755976e6	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsFree, address_out = 0x75591f61	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = STD_INPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Get Info	filename = STD_OUTPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_ERROR_HANDLE	1	Fn
File	Get Info	filename = STD_ERROR_HANDLE, type = file_type	1	Fn
Environment	Get Environment String	-	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:49:57 (UTC)	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\jvm.dll, base_address = 0x6acb0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JNI_CreateJavaVM, address_out = 0x6ad78e70	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JNI_GetDefaultJavaVMInitArgs, address_out = 0x6ad6e340	1	Fn

Thread 0xf90

2788

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
System	Get Info	type = Hardware Information	1	Fn
System	Get Info	type = Operating System	1	Fn
Environment	Get Environment String	name = _ALT_JAVA_HOME_DIR	1	Fn
Module	Get Filename	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\jvm.dll, size = 260	1	Fn
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, size = 260	1	Fn
System	Get Info	type = Windows Directory, result_out = C:\Windows	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
System	Get Info	type = Windows Directory, result_out = C:\Windows	2	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\verify.dll, base_address = 0x72100000	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.dll, base_address = 0x720e0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, address_out = 0x720e6fcf	1	Fn
Environment	Get Environment String	name = JAVA_TOOL_OPTIONS	1	Fn
Environment	Get Environment String	name = _JAVA_OPTIONS	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\endorsed, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc, type = file_attributes	2	Fn
Process	Open	desired_access = PROCESS_QUERY_INFORMATION	1	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x752a7a8b	1	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x752a7a8b	1	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x752a7a8b	1	Fn
File	Create Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\3928, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_FLAG_DELETE_ON_CLOSE, share_mode = FILE_SHARE_READ, FILE_SHARE_DELETE	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\3928, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\3928, protection = PAGE_READWRITE, maximum_size = 65536	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\3928, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, desired_access = FILE_MAP_ALL_ACCESS	1	Fn
File	Get Info	type = file_type	1	Fn
File	Read	size = 4096, size_out = 2190	1	Fn Data
File	Read	size = 4096, size_out = 0	1	Fn
File	Get Info	type = file_type	1	Fn
File	Read	size = 2416, size_out = 2416	1	Fn Data
Module	Create Mapping	protection = PAGE_WRITECOPY, maximum_size = 0	1	Fn
Module	Map	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, desired_access = FILE_MAP_READ	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, protection = PAGE_WRITECOPY, maximum_size = 0	1	Fn
Module	Map	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, desired_access = FILE_MAP_COPY	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, protection = PAGE_WRITECOPY, maximum_size = 0	1	Fn
Module	Map	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, desired_access = FILE_MAP_COPY	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, size = 65536, size_out = 65536	1	Fn Data
System	Get Info	type = Hardware Information	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, value_name = Desktop, data = C:\Users\2XC7u663GxWc\Desktop, type = REG_SZ	1	Fn
File	Read	size = 4, size_out = 4	1	Fn Data
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 7, size_out = 7	1	Fn Data
File	Read	size = 1781193, size_out = 1781193	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 709, size_out = 709	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 277, size_out = 277	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2305, size_out = 2305	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1022, size_out = 1022	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2882, size_out = 2882	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 104, size_out = 104	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 728, size_out = 728	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 345, size_out = 345	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 815, size_out = 815	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\zip.dll, type = file_attributes	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1105, size_out = 1105	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1761, size_out = 1761	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 514, size_out = 514	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 970, size_out = 970	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2589, size_out = 2589	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1008, size_out = 1008	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2004, size_out = 2004	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext, type = file_attributes	2	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 669, size_out = 669	1	Fn Data
File	Read	size = 8192, size_out = 829	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Get Info	type = size, size_out = 829	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 962, size_out = 962	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 934, size_out = 934	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1720, size_out = 1720	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1012, size_out = 1012	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3028, size_out = 3028	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1111, size_out = 1111	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2976, size_out = 2976	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 672, size_out = 672	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1189, size_out = 1189	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2646, size_out = 2646	1	Fn Data
File	Read	size = 8192, size_out = 0	1	Fn
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext\meta-index, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\access-bridge.jar, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\access-bridge.jar, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 966, size_out = 966	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 800, size_out = 800	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\dnsns.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\jaccess.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\localedata.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunpkcs11.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\zipfs.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1280, size_out = 1280	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 609, size_out = 609	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 628, size_out = 628	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 328, size_out = 328	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 327, size_out = 327	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\management\usagetracker.properties, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 12212, size_out = 12212	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 748, size_out = 748	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 6630, size_out = 6630	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3392, size_out = 3392	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 4, size_out = 4	1	Fn Data
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 30105, size_out = 30105	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2563, size_out = 2563	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 476, size_out = 476	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2703, size_out = 2703	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 753, size_out = 753	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3690, size_out = 3690	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3361, size_out = 3361	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3599, size_out = 3599	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 260, size_out = 260	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1899, size_out = 1899	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 678, size_out = 678	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 100, size_out = 100	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1909, size_out = 1909	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 670, size_out = 670	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 762, size_out = 762	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\access-bridge.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\dnsns.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\jaccess.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\localedata.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunpkcs11.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\zipfs.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = file_attributes	1	Fn
File	Get Info	type = time	1	Fn
File	Read	size = 4, size_out = 4	1	Fn Data
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 30105, size_out = 30105	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 100, size_out = 100	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 100, size_out = 100	2	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 391, size_out = 391	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 452, size_out = 452	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 536, size_out = 536	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 521, size_out = 521	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 491, size_out = 491	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 506, size_out = 506	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 515, size_out = 515	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 361, size_out = 361	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 331, size_out = 331	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 675, size_out = 675	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 451, size_out = 451	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 355, size_out = 355	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 299, size_out = 299	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 474, size_out = 474	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 655, size_out = 655	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 303, size_out = 303	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 335, size_out = 335	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 418, size_out = 418	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 430, size_out = 430	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 453, size_out = 453	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 555, size_out = 555	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 408, size_out = 408	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 477, size_out = 477	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 562, size_out = 562	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 394, size_out = 394	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 477, size_out = 477	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 462, size_out = 462	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 371, size_out = 371	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 231, size_out = 231	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 496, size_out = 496	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 691, size_out = 691	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 509, size_out = 509	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 580, size_out = 580	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 391, size_out = 391	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 496, size_out = 496	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 348, size_out = 348	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 331, size_out = 331	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 802, size_out = 802	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1127, size_out = 1127	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib, type = file_attributes	2	Fn
File	Read	size = 8192, size_out = 2190	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Get Info	type = size, size_out = 2190	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\classes, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\meta-index, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\sunrsasign.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\charsets.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jfr.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:58 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\classes, type = file_attributes	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\classes, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 329, size_out = 329	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 383, size_out = 383	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 332, size_out = 332	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 348, size_out = 348	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 461, size_out = 461	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 570, size_out = 570	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5504, size_out = 5504	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 582, size_out = 582	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 535, size_out = 535	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 678, size_out = 678	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 315, size_out = 315	1	Fn Data
File	Read	size = 4, size_out = 4	1	Fn Data
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 6708, size_out = 6708	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4096, size_out = 4096	2	Fn Data
File	Read	size = 1693, size_out = 1693	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1351, size_out = 1351	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1358, size_out = 1358	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, type = file_attributes	1	Fn
File	Read	size = 8192, size_out = 8192	2	Fn Data
File	Read	size = 8192, size_out = 1440	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Get Info	type = size, size_out = 17824	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2345, size_out = 2345	1	Fn Data
File	Read	size = 4, size_out = 4	1	Fn Data
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 7, size_out = 7	1	Fn Data
File	Read	size = 13694, size_out = 13694	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1056, size_out = 1056	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3940, size_out = 3940	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5672, size_out = 5672	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 844, size_out = 844	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1453, size_out = 1453	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 803, size_out = 803	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2601, size_out = 2601	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Get Info	type = time	1	Fn
File	Read	size = 4, size_out = 4	1	Fn Data
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 1240, size_out = 1240	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 590, size_out = 590	2	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 525, size_out = 525	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2666, size_out = 2666	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 314, size_out = 314	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 951, size_out = 951	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 10594, size_out = 10594	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3882, size_out = 3882	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3549, size_out = 3549	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1381, size_out = 1381	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8211, size_out = 8211	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1075, size_out = 1075	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3695, size_out = 3695	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2117, size_out = 2117	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 346, size_out = 346	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 576, size_out = 576	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 24203, size_out = 24203	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 13092, size_out = 13092	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 623, size_out = 623	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3174, size_out = 3174	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2257, size_out = 2257	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1621, size_out = 1621	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2563, size_out = 2563	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2395, size_out = 2395	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 14258, size_out = 14258	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 853, size_out = 853	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 967, size_out = 967	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3914, size_out = 3914	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5828, size_out = 5828	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 12814, size_out = 12814	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4077, size_out = 4077	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2399, size_out = 2399	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2181, size_out = 2181	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 308, size_out = 308	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 381, size_out = 381	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 78, size_out = 78	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4556, size_out = 4556	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 6732, size_out = 6732	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 732, size_out = 732	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 454, size_out = 454	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 457, size_out = 457	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 973, size_out = 973	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 310, size_out = 310	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2812, size_out = 2812	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 278, size_out = 278	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 131, size_out = 131	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3431, size_out = 3431	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 382, size_out = 382	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 281, size_out = 281	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5929, size_out = 5929	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 6713, size_out = 6713	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3217, size_out = 3217	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 265, size_out = 265	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 6705, size_out = 6705	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\x86\sunec.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\sunec.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:59 (UTC)	2	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\sunec.dll, function = _JNI_OnLoad@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\sunec.dll, function = JNI_OnLoad, address_out = 0x0	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1434, size_out = 1434	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 454, size_out = 454	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5439, size_out = 5439	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 619, size_out = 619	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Get Info	type = time	1	Fn
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 10470, size_out = 10470	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3596, size_out = 3596	2	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3529, size_out = 3529	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 735, size_out = 735	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4170, size_out = 4170	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 817, size_out = 817	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 331, size_out = 331	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2357, size_out = 2357	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 187, size_out = 187	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3665, size_out = 3665	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3856, size_out = 3856	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 333, size_out = 333	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	type = time	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	type = time	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\local_policy.jar, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2915, size_out = 2915	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 328, size_out = 328	1	Fn Data
File	Read	size = 350, size_out = 350	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 160, size_out = 160	3	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 213, size_out = 213	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1319, size_out = 1319	1	Fn Data
File	Read	size = 151, size_out = 151	1	Fn Data
File	Read	size = 92, size_out = 92	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4096, size_out = 4096	1	Fn Data
File	Read	size = 47, size_out = 47	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 115, size_out = 115	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 502, size_out = 502	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 807, size_out = 807	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 530, size_out = 530	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1987, size_out = 1987	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 706, size_out = 706	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4096, size_out = 4096	1	Fn Data
File	Read	size = 3777, size_out = 3777	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3082, size_out = 3082	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4270, size_out = 4270	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8559, size_out = 8559	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 6031, size_out = 6031	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:59 (UTC)	2	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _JNI_OnLoad@8, address_out = 0x71fa3379	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 671, size_out = 671	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1961, size_out = 1961	1	Fn Data
DNS	Get Hostname	name_out = ZgW5tdPu	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3287, size_out = 3287	1	Fn Data
DNS	Resolve Name	host = ZgW5tdPu, address_out = fe80:0000:0000:0000:5969:84a4:f9e2:1f2b, 192.168.0.60	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 383, size_out = 383	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3661, size_out = 3661	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 292, size_out = 292	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 389, size_out = 389	1	Fn Data
File	Read	size = 411, size_out = 411	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 194, size_out = 194	2	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 242, size_out = 242	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1318, size_out = 1318	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 153, size_out = 153	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 209, size_out = 209	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 883, size_out = 883	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 994, size_out = 994	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 780, size_out = 780	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 206, size_out = 206	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 533, size_out = 533	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 775, size_out = 775	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 301, size_out = 301	1	Fn Data
File	Read	size = 8192, size_out = 8192	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3596, size_out = 3596	2	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3529, size_out = 3529	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3596, size_out = 3596	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3529, size_out = 3529	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1137, size_out = 1137	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1486, size_out = 1486	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1009, size_out = 1009	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1052, size_out = 1052	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 269, size_out = 269	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1438, size_out = 1438	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2684, size_out = 2684	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 157, size_out = 157	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 902, size_out = 902	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1516, size_out = 1516	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 925, size_out = 925	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1403, size_out = 1403	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 684, size_out = 684	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2171, size_out = 2171	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1421, size_out = 1421	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 694, size_out = 694	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 171, size_out = 171	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1111, size_out = 1111	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 814, size_out = 814	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 608, size_out = 608	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 677, size_out = 677	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 274, size_out = 274	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1343, size_out = 1343	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 541, size_out = 541	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2912, size_out = 2912	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1249, size_out = 1249	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1311, size_out = 1311	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 265, size_out = 265	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1605, size_out = 1605	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 557, size_out = 557	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 173, size_out = 173	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2789, size_out = 2789	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 230, size_out = 230	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1133, size_out = 1133	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 321, size_out = 321	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 190, size_out = 190	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8192, size_out = 8192	1	Fn Data
File	Read	size = 3185, size_out = 3185	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 274, size_out = 274	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4522, size_out = 4522	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 978, size_out = 978	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 672, size_out = 672	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 839, size_out = 839	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1309, size_out = 1309	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1312, size_out = 1312	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 696, size_out = 696	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3200, size_out = 3200	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 803, size_out = 803	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 207, size_out = 207	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 823, size_out = 823	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 824, size_out = 824	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 349, size_out = 349	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2972, size_out = 2972	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2977, size_out = 2977	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 611, size_out = 611	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 668, size_out = 668	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 283, size_out = 283	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1118, size_out = 1118	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 834, size_out = 834	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 769, size_out = 769	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1478, size_out = 1478	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1298, size_out = 1298	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1655, size_out = 1655	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
For performance reasons, the remaining 1672 entries are omitted. The remaining entries can be found in glog.xml.

Thread 0xf94

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:49:59 (UTC)	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:07 (UTC)	3	Fn

Thread 0xf98

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0xf9c

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ref_Finalizer_invokeFinalizeMethod@12, address_out = 0x720e207c		1	Fn

Thread 0xfa0

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 541, size_out = 541	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn

Thread 0xfa4

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn
Mutex	Create	-		1	Fn

Thread 0xfa8

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0xfb0

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0xfac

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0xff0

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0xff4

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0xff8

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x6ce52210	1	Fn
Module	Load	module_name = COMCTL32.dll, base_address = 0x73ee0000	1	Fn
Module	Get Address	module_name = c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll, function = InitCommonControlsEx, address_out = 0x73f009ce	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = LoadIconW, address_out = 0x76b4f142	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = RegisterClassW, address_out = 0x76b4ed4a	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = GetDC, address_out = 0x76b5544c	1	Fn
Module	Load	module_name = GDI32.dll, base_address = 0x754f0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\gdi32.dll, function = GetDeviceCaps, address_out = 0x754f6f7f	2	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = ReleaseDC, address_out = 0x76b55421	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = CreateWindowExW, address_out = 0x76b4ec7c	1	Fn
Window	Create	window_name = theAwtToolkitWindow, class_name = SunAwtToolkit, wndproc_parameter = 0	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = DefWindowProcW, address_out = 0x76b5507d	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = SetWindowsHookExW, address_out = 0x76b4e30c	1	Fn
System	Register Hook	type = WH_GETMESSAGE, hookproc_address = 0x6ce51da0	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = OleInitialize, address_out = 0x7637efd7	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 569, size_out = 569	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 333, size_out = 333	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PeekMessageW, address_out = 0x76b5634a	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = EnumThreadWindows, address_out = 0x76b4b712	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PostMessageW, address_out = 0x76b5447b	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = CallNextHookEx, address_out = 0x76b4abe1	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PostQuitMessage, address_out = 0x76b4b308	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = OleUninitialize, address_out = 0x7637eba1	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = GetMessageW, address_out = 0x76b5cde8	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = IsWindow, address_out = 0x76b553ba	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = DestroyWindow, address_out = 0x76b4b2f4	1	Fn

Thread 0x90

302

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:01 (UTC)	1	Fn
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 706, size_out = 706	1	Fn Data
File	Read	size = 3, size_out = 3	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 448, size_out = 448	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4013, size_out = 4013	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1566, size_out = 1566	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 402, size_out = 402	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1366, size_out = 1366	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 9311, size_out = 9311	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3572, size_out = 3572	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1619, size_out = 1619	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2404, size_out = 2404	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3013, size_out = 3013	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1708, size_out = 1708	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2879, size_out = 2879	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1285, size_out = 1285	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1398, size_out = 1398	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1090, size_out = 1090	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3789, size_out = 3789	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 436, size_out = 436	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 792, size_out = 792	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 384, size_out = 384	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 78, size_out = 78	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1217, size_out = 1217	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 480, size_out = 480	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 622, size_out = 622	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 76, size_out = 76	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 527, size_out = 527	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4051, size_out = 4051	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 7991, size_out = 7991	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 704, size_out = 704	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8401, size_out = 8401	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2096, size_out = 2096	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2691, size_out = 2691	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1111, size_out = 1111	1	Fn Data
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs, os_pid = 0x110, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ProcessImpl_terminateProcess@16, address_out = 0x720e8e7c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_delete0@12, address_out = 0x720ea507	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Write	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, size = 281	1	Fn Data
System	Get Info	type = Operating System	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, os_pid = 0x754, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
Process	Terminate	exit_code = 1	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, type = file_attributes	1	Fn
File	Create	filename = C:\Windows\System32\test.txt, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1396, size_out = 1396	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 582, size_out = 582	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 46400, size_out = 46400	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 263, size_out = 263	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 357, size_out = 357	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5472, size_out = 5472	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3241, size_out = 3241	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 784, size_out = 784	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1886, size_out = 1886	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5529, size_out = 5529	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_NetworkInterface_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_NetworkInterface_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_NetworkInterface_init@8, address_out = 0x71fa157c	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1188, size_out = 1188	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 213, size_out = 213	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_NetworkInterface_getAll@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_NetworkInterface_getAll@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_NetworkInterface_getAll@8, address_out = 0x71fa214a	1	Fn
Module	Load	module_name = IPHLPAPI.DLL, base_address = 0x738f0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetIfTable, address_out = 0x738fae94	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetFriendlyIfIndex, address_out = 0x738fd855	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetIpAddrTable, address_out = 0x738f9bb0	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetAdaptersAddresses, address_out = 0x738f6a4d	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 878, size_out = 878	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 7520, size_out = 7520	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8446, size_out = 8446	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\management.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	2	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\management.dll, base_address = 0x6da40000	1	Fn
Module	Get Address	module_name = Unknown module name, function = _JNI_OnLoad@8, address_out = 0x6da42194	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5830, size_out = 5830	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1929, size_out = 1929	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = Unknown module name, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x6da41e06	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = Unknown module name, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x6da41e8a	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 519, size_out = 519	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 855, size_out = 855	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 413, size_out = 413	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 300, size_out = 300	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 152, size_out = 152	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1206, size_out = 1206	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = Unknown module name, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x6da42a5b	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = Unknown module name, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x6da4230d	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 7192, size_out = 7192	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 536, size_out = 536	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 22580, size_out = 22580	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 325, size_out = 325	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2388, size_out = 2388	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1746, size_out = 1746	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 845, size_out = 845	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 14934, size_out = 14934	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 322, size_out = 322	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1032, size_out = 1032	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 773, size_out = 773	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 122, size_out = 122	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = time	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\ID.txt, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\ID.txt, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\ID.txt, type = file_type	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\ID.txt, type = size, size_out = 47	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg, type = file_attributes	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\nccJQMiokAP, type = file_attributes	2	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_createDirectory@12, address_out = 0x720ea812	1	Fn
File	Create Directory	C:\Users\2XC7u663GxWc\cqsFQOTqbmg\nccJQMiokAP	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\nccJQMiokAP, type = file_attributes	3	Fn

Thread 0x978

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:06 (UTC)		2	Fn

Thread 0x92c

287

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 26461, size_out = 26461	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4540, size_out = 4540	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1995, size_out = 1995	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:06 (UTC)	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1261, size_out = 1261	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4115, size_out = 4115	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_DualStackPlainSocketImpl_initIDs@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_DualStackPlainSocketImpl_initIDs@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_DualStackPlainSocketImpl_initIDs@8, address_out = 0x71fa6667	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2598, size_out = 2598	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 11029, size_out = 11029	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 296, size_out = 296	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1028, size_out = 1028	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 17440, size_out = 17440	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3033, size_out = 3033	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 861, size_out = 861	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2660, size_out = 2660	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1444, size_out = 1444	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1192, size_out = 1192	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:06 (UTC)	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 7071, size_out = 7071	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2038, size_out = 2038	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2049, size_out = 2049	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1627, size_out = 1627	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8760, size_out = 8760	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3164, size_out = 3164	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2552, size_out = 2552	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1600, size_out = 1600	1	Fn Data
File	Read	size = 109, size_out = 109	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 235, size_out = 235	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2863, size_out = 2863	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 443, size_out = 443	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 837, size_out = 837	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3196, size_out = 3196	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = time	1	Fn
File	Read	size = 1262, size_out = 1262	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 590, size_out = 590	2	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 525, size_out = 525	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 590, size_out = 590	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 525, size_out = 525	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1812, size_out = 1812	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 240, size_out = 240	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1434, size_out = 1434	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2863, size_out = 2863	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 242, size_out = 242	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 390, size_out = 390	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 242, size_out = 242	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1989, size_out = 1989	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 837, size_out = 837	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 734, size_out = 734	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 235, size_out = 235	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:06 (UTC)	2	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5122, size_out = 5122	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 285, size_out = 285	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 889, size_out = 889	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3271, size_out = 3271	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 496, size_out = 496	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1812, size_out = 1812	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 302, size_out = 302	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 23927, size_out = 23927	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1227, size_out = 1227	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 761, size_out = 761	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 107, size_out = 107	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2146, size_out = 2146	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 975, size_out = 975	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2114, size_out = 2114	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3293, size_out = 3293	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 634, size_out = 634	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 725, size_out = 725	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 859, size_out = 859	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 745, size_out = 745	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1326, size_out = 1326	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4319, size_out = 4319	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 595, size_out = 595	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 626, size_out = 626	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 763, size_out = 763	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 2191, size_out = 2191	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 103, size_out = 103	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 913, size_out = 913	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 852, size_out = 852	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 1319, size_out = 1319	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 103, size_out = 103	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 1269, size_out = 1269	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:07 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:07 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 404, size_out = 404	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\x86\sunmscapi.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\sunmscapi.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:07 (UTC)	2	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\sunmscapi.dll, base_address = 0x6b6c0000	1	Fn
Module	Get Address	module_name = Unknown module name, function = _JNI_OnLoad@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = Unknown module name, function = JNI_OnLoad, address_out = 0x0	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1399, size_out = 1399	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3618, size_out = 3618	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1507, size_out = 1507	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8099, size_out = 8099	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 964, size_out = 964	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1312, size_out = 1312	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5799, size_out = 5799	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_DualStackPlainSocketImpl_socket0@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_DualStackPlainSocketImpl_socket0@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_DualStackPlainSocketImpl_socket0@16, address_out = 0x71fa66ab	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 686, size_out = 686	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:07 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\net.properties, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:07 (UTC)	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\net.properties, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\net.properties, type = file_type	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\net.properties, type = size, size_out = 3070	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3605, size_out = 3605	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 331, size_out = 331	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_DualStackPlainSocketImpl_connect0@20, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_DualStackPlainSocketImpl_connect0@20, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_DualStackPlainSocketImpl_connect0@20, address_out = 0x71fa6793	1	Fn

Thread 0x9f4

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0x25c

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:18 (UTC)		1	Fn

Thread 0x3f8

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_awt_windows_WToolkit_shutdown@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_sun_awt_windows_WToolkit_shutdown@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_sun_awt_windows_WToolkit_shutdown@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_sun_awt_windows_WToolkit_shutdown@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_sun_awt_windows_WToolkit_shutdown@8, address_out = 0x6ce50ac0	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = SendMessageW, address_out = 0x76b55539	1	Fn

Process #20: java.exe

2821

Information	Value
ID	#20
File Name	c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe
Command Line	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.exe -jar C:\Users\2XC7U6~1\AppData\Local\Temp\_0.080316539076114361006181509658991106.class
Initial Working Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\
Monitor	Start Time: 00:01:00, Reason: Child Process
Unmonitor	End Time: 00:01:20, Reason: Self Terminated
Monitor Duration	00:00:20

OS Process Information

Information	Value
PID	0xfb8
Parent PID	0xf58 (c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x FBC 0x FCC 0x FD0 0x FD4 0x FD8 0x FE4 0x FDC 0x FE0 0x FEC 0x FE8 0x FFC 0x 854 0x 124 0x 150 0x 874 0x 44C 0x 7FC 0x 930 0x 934 0x 938 0x 940 0x A00 0x 9E8 0x 9F0

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00042fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
private_0x00000000000c0000	0x000c0000	0x000c0fff	Private Memory	-	-	-
private_0x00000000000d0000	0x000d0000	0x000d0fff	Private Memory	-	-	-
tzres.dll	0x000e0000	0x000e0fff	Memory Mapped File	-	-	-
pagefile_0x00000000000e0000	0x000e0000	0x000e0fff	Pagefile Backed Memory	-	-	-
private_0x00000000000f0000	0x000f0000	0x000fffff	Private Memory	-	-	-
pagefile_0x0000000000100000	0x00100000	0x00101fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000110000	0x00110000	0x00116fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000120000	0x00120000	0x00121fff	Pagefile Backed Memory	-	-	-
private_0x0000000000130000	0x00130000	0x0016ffff	Private Memory	-	-	-
private_0x0000000000170000	0x00170000	0x00170fff	Private Memory	-	-	-
private_0x0000000000180000	0x00180000	0x00180fff	Private Memory	-	-	-
4024	0x00190000	0x0019ffff	Memory Mapped File	rw		... Region Actions Download Dump
private_0x00000000001a0000	0x001a0000	0x001effff	Private Memory	-	-	-
pagefile_0x00000000001f0000	0x001f0000	0x002b7fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000002c0000	0x002c0000	0x003c0fff	Pagefile Backed Memory	-	-	-
private_0x00000000003d0000	0x003d0000	0x004cffff	Private Memory	-	-	-
private_0x00000000004d0000	0x004d0000	0x0061ffff	Private Memory	-	-	-
private_0x00000000004d0000	0x004d0000	0x005cffff	Private Memory	-	-	-
private_0x00000000005d0000	0x005d0000	0x005fffff	Private Memory	-	-	-
private_0x0000000000600000	0x00600000	0x0060ffff	Private Memory	-	-	-
private_0x0000000000610000	0x00610000	0x0061ffff	Private Memory	-	-	-
pagefile_0x0000000000620000	0x00620000	0x00a12fff	Pagefile Backed Memory	-	-	-
private_0x0000000000a20000	0x00a20000	0x00b1ffff	Private Memory	-	-	-
private_0x0000000000b20000	0x00b20000	0x00b2ffff	Private Memory	-	-	-
private_0x0000000000b30000	0x00b30000	0x00b3ffff	Private Memory	-	-	-
private_0x0000000000b40000	0x00b40000	0x00bbffff	Private Memory	-	-	-
private_0x0000000000bc0000	0x00bc0000	0x00c1ffff	Private Memory	-	-	-
pagefile_0x0000000000c20000	0x00c20000	0x00c20fff	Pagefile Backed Memory	-	-	-
private_0x0000000000c50000	0x00c50000	0x00c9ffff	Private Memory	-	-	-
private_0x0000000000ca0000	0x00ca0000	0x00d4ffff	Private Memory	-	-	-
rsaenh.dll	0x00d50000	0x00d8bfff	Memory Mapped File	-	-	-
rpcss.dll	0x00d50000	0x00dabfff	Memory Mapped File	-	-	-
private_0x0000000000db0000	0x00db0000	0x00dfffff	Private Memory	-	-	-
private_0x0000000000e60000	0x00e60000	0x00eaffff	Private Memory	-	-	-
java.exe	0x00eb0000	0x00edefff	Memory Mapped File	-	-	-
pagefile_0x0000000000ee0000	0x00ee0000	0x01adffff	Pagefile Backed Memory	-	-	-
private_0x0000000001ae0000	0x01ae0000	0x03adffff	Private Memory	-	-	-
private_0x0000000003b20000	0x03b20000	0x03b6ffff	Private Memory	-	-	-
private_0x0000000003b70000	0x03b70000	0x03bbffff	Private Memory	-	-	-
private_0x0000000003c00000	0x03c00000	0x03c4ffff	Private Memory	-	-	-
private_0x0000000003c80000	0x03c80000	0x03ccffff	Private Memory	-	-	-
private_0x0000000003cd0000	0x03cd0000	0x03d1ffff	Private Memory	-	-	-
private_0x0000000003d40000	0x03d40000	0x03d8ffff	Private Memory	-	-	-
private_0x0000000003d90000	0x03d90000	0x03f8ffff	Private Memory	-	-	-
sortdefault.nls	0x03f90000	0x0425efff	Memory Mapped File	-	-	-
private_0x0000000004260000	0x04260000	0x0441ffff	Private Memory	-	-	-
private_0x0000000004260000	0x04260000	0x0432ffff	Private Memory	-	-	-
private_0x0000000004260000	0x04260000	0x042cffff	Private Memory	-	-	-
private_0x00000000042f0000	0x042f0000	0x0432ffff	Private Memory	-	-	-
private_0x00000000043e0000	0x043e0000	0x0441ffff	Private Memory	-	-	-
private_0x0000000004420000	0x04420000	0x045effff	Private Memory	-	-	-
private_0x0000000004460000	0x04460000	0x044affff	Private Memory	-	-	-
private_0x00000000044b0000	0x044b0000	0x045affff	Private Memory	-	-	-
private_0x00000000045e0000	0x045e0000	0x045effff	Private Memory	-	-	-
private_0x00000000045f0000	0x045f0000	0x047cffff	Private Memory	-	-	-
kernelbase.dll.mui	0x045f0000	0x046affff	Memory Mapped File	-	-	-
private_0x00000000046d0000	0x046d0000	0x0471ffff	Private Memory	-	-	-
private_0x00000000047c0000	0x047c0000	0x047cffff	Private Memory	-	-	-
private_0x00000000047d0000	0x047d0000	0x049affff	Private Memory	-	-	-
private_0x0000000004800000	0x04800000	0x0484ffff	Private Memory	-	-	-
private_0x00000000048d0000	0x048d0000	0x0491ffff	Private Memory	-	-	-
private_0x0000000004920000	0x04920000	0x0496ffff	Private Memory	-	-	-
private_0x0000000004970000	0x04970000	0x049affff	Private Memory	-	-	-
pagefile_0x00000000049b0000	0x049b0000	0x04a8efff	Pagefile Backed Memory	-	-	-
private_0x00000000236d0000	0x236d0000	0x28c1ffff	Private Memory	-	-	-
private_0x0000000028c20000	0x28c20000	0x336cffff	Private Memory	-	-	-
private_0x00000000336d0000	0x336d0000	0x376cffff	Private Memory	-	-	-
classes.jsa	0x376d0000	0x37b0ffff	Memory Mapped File	-	-	-
private_0x0000000037b10000	0x37b10000	0x380cffff	Private Memory	-	-	-
classes.jsa	0x380d0000	0x3871ffff	Memory Mapped File	-	-	-
private_0x0000000038720000	0x38720000	0x38ccffff	Private Memory	-	-	-
classes.jsa	0x38cd0000	0x38f3ffff	Memory Mapped File	-	-	-
private_0x0000000038f40000	0x38f40000	0x390cffff	Private Memory	-	-	-
private_0x00000000390d0000	0x390d0000	0x390dffff	Private Memory	-	-	-
private_0x00000000390e0000	0x390e0000	0x394cffff	Private Memory	-	-	-
jvm.dll	0x6acb0000	0x6b02ffff	Memory Mapped File	-	-	-
awt.dll	0x6cdc0000	0x6cf02fff	Memory Mapped File	-	-	-
msvcr100.dll	0x6cf10000	0x6cfcefff	Memory Mapped File	-	-	-
winmm.dll	0x70250000	0x70281fff	Memory Mapped File	-	-	-
pnrpnsp.dll	0x71760000	0x71771fff	Memory Mapped File	-	-	-
winrnr.dll	0x71780000	0x71787fff	Memory Mapped File	-	-	-
napinsp.dll	0x717a0000	0x717affff	Memory Mapped File	-	-	-
rasadhlp.dll	0x717b0000	0x717b5fff	Memory Mapped File	-	-	-
net.dll	0x71fa0000	0x71fb3fff	Memory Mapped File	-	-	-
sunec.dll	0x71fc0000	0x71fdffff	Memory Mapped File	-	-	-
nio.dll	0x720b0000	0x720befff	Memory Mapped File	-	-	-
zip.dll	0x720c0000	0x720d2fff	Memory Mapped File	-	-	-
java.dll	0x720e0000	0x720fffff	Memory Mapped File	-	-	-
verify.dll	0x72100000	0x7210bfff	Memory Mapped File	-	-	-
dwmapi.dll	0x731f0000	0x73202fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
fwpuclnt.dll	0x737d0000	0x73807fff	Memory Mapped File	-	-	-
winnsi.dll	0x738e0000	0x738e6fff	Memory Mapped File	-	-	-
iphlpapi.dll	0x738f0000	0x7390bfff	Memory Mapped File	-	-	-
nlaapi.dll	0x73a60000	0x73a6ffff	Memory Mapped File	-	-	-
comctl32.dll	0x73ee0000	0x7407dfff	Memory Mapped File	-	-	-
wsock32.dll	0x740b0000	0x740b6fff	Memory Mapped File	-	-	-
wshtcpip.dll	0x744e0000	0x744e4fff	Memory Mapped File	-	-	-
userenv.dll	0x745b0000	0x745c6fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
dnsapi.dll	0x74850000	0x74893fff	Memory Mapped File	-	-	-
wship6.dll	0x74980000	0x74985fff	Memory Mapped File	-	-	-
mswsock.dll	0x74990000	0x749cbfff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
profapi.dll	0x74f00000	0x74f0afff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
shell32.dll	0x75700000	0x76349fff	Memory Mapped File	-	-	-
psapi.dll	0x76350000	0x76354fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
private_0x000000007ffae000	0x7ffae000	0x7ffaefff	Private Memory	-	-	-
private_0x000000007ffaf000	0x7ffaf000	0x7ffaffff	Private Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd3000	0x7ffd3000	0x7ffd3fff	Private Memory	-	-	-
private_0x000000007ffd4000	0x7ffd4000	0x7ffd4fff	Private Memory	-	-	-
private_0x000000007ffd5000	0x7ffd5000	0x7ffd5fff	Private Memory	-	-	-
private_0x000000007ffd6000	0x7ffd6000	0x7ffd6fff	Private Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-
For performance reasons, the remaining 28 entries are omitted. The remaining entries can be found in flog.txt.

Created Files

Filename	File Size	Hash Values	YARA Match	Actions
C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs	0.27 KB	MD5: a32c109297ed1ca155598cd295c26611 SHA1: dc4a1fdbaad15ddd6fe22d3907c6b03727b71510 SHA256: 45bfe34aa3ef932f75101246eb53d032f5e7cf6d1f5b4e495334955a255f32e7 SSDeep: 6:jpxiFtqvAAT+geD5NaqZxLMTQQQavbx3la2Zp6djsyn:vmtqvAndZFcQU9lrXyjsyn		... File Actions Show Properties Download
C:\Users\2XC7u663GxWc\fUTkALeaTxM\ID.txt	0.05 KB	MD5: 473d5ea6460d84e1c44532bf39d48eb7 SHA1: c760d009877410051d803f625211fd027445d1c8 SHA256: 9f32e41ce1b7a69787cd3886274f9e8c8a910607a0687b3d3cf965cef60d2109 SSDeep: 3:YwwAHWKIDdIRRKu9hASMi:YwwAHWKIDdsEKhv		... File Actions Show Properties Download

Threads

Thread 0xfbc

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10910522	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsAlloc, address_out = 0x7559418d	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsGetValue, address_out = 0x75591e16	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsSetValue, address_out = 0x755976e6	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsFree, address_out = 0x75591f61	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = STD_INPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Get Info	filename = STD_OUTPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_ERROR_HANDLE	1	Fn
File	Get Info	filename = STD_ERROR_HANDLE, type = file_type	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.exe, size = 260	1	Fn
File	Get Info	type = file_type	1	Fn
File	Read	size = 22, size_out = 22	1	Fn Data
File	Read	size = 1024, size_out = 1024	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 161, size_out = 161	1	Fn Data
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.exe, size = 260	1	Fn
File	Get Info	type = file_type	1	Fn
File	Read	size = 4096, size_out = 686	1	Fn Data
File	Read	size = 4096, size_out = 0	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = STD_INPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Get Info	filename = STD_OUTPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_ERROR_HANDLE	1	Fn
File	Get Info	filename = STD_ERROR_HANDLE, type = file_type	1	Fn
Environment	Get Environment String	-	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\jvm.dll, base_address = 0x6acb0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JNI_CreateJavaVM, address_out = 0x6ad78e70	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JNI_GetDefaultJavaVMInitArgs, address_out = 0x6ad6e340	1	Fn

Thread 0xfcc

1969

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
System	Get Info	type = Hardware Information	1	Fn
System	Get Info	type = Operating System	1	Fn
Environment	Get Environment String	name = _ALT_JAVA_HOME_DIR	1	Fn
Module	Get Filename	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\jvm.dll, size = 260	1	Fn
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.exe, size = 260	1	Fn
System	Get Info	type = Windows Directory, result_out = C:\Windows	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
System	Get Info	type = Windows Directory, result_out = C:\Windows	2	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\verify.dll, base_address = 0x72100000	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.dll, base_address = 0x720e0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, address_out = 0x720e6fcf	1	Fn
Environment	Get Environment String	name = JAVA_TOOL_OPTIONS	1	Fn
Environment	Get Environment String	name = _JAVA_OPTIONS	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\endorsed, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc, type = file_attributes	2	Fn
Process	Open	desired_access = PROCESS_QUERY_INFORMATION	1	Fn
Process	Open	desired_access = PROCESS_QUERY_INFORMATION	1	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x752a7a8b	1	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x752a7a8b	1	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x752a7a8b	1	Fn
File	Create Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\4024, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_FLAG_DELETE_ON_CLOSE, share_mode = FILE_SHARE_READ, FILE_SHARE_DELETE	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\4024, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\4024, protection = PAGE_READWRITE, maximum_size = 65536	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\4024, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, desired_access = FILE_MAP_ALL_ACCESS	1	Fn
File	Get Info	type = file_type	2	Fn
File	Read	size = 2416, size_out = 2416	1	Fn Data
System	Get Info	type = Hardware Information	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, value_name = Desktop, data = C:\Users\2XC7u663GxWc\Desktop, type = REG_SZ	1	Fn
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 7, size_out = 7	1	Fn Data
File	Read	size = 1781193, size_out = 1781193	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 709, size_out = 709	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 277, size_out = 277	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2305, size_out = 2305	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1022, size_out = 1022	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2882, size_out = 2882	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 104, size_out = 104	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 728, size_out = 728	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 345, size_out = 345	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 815, size_out = 815	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\zip.dll, type = file_attributes	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1105, size_out = 1105	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1761, size_out = 1761	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 514, size_out = 514	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 970, size_out = 970	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2589, size_out = 2589	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1008, size_out = 1008	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2004, size_out = 2004	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext, type = file_attributes	2	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 669, size_out = 669	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Get Info	type = size, size_out = 829	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 962, size_out = 962	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 934, size_out = 934	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1720, size_out = 1720	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1012, size_out = 1012	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3028, size_out = 3028	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1111, size_out = 1111	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2976, size_out = 2976	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 672, size_out = 672	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1189, size_out = 1189	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2646, size_out = 2646	1	Fn Data
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext\meta-index, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\access-bridge.jar, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\access-bridge.jar, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 966, size_out = 966	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 800, size_out = 800	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\dnsns.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\jaccess.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\localedata.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunpkcs11.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\zipfs.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1280, size_out = 1280	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 609, size_out = 609	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 628, size_out = 628	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 328, size_out = 328	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 327, size_out = 327	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	2	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 12212, size_out = 12212	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 748, size_out = 748	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 6630, size_out = 6630	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3392, size_out = 3392	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 6113, size_out = 6113	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2563, size_out = 2563	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 476, size_out = 476	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2703, size_out = 2703	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 753, size_out = 753	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3690, size_out = 3690	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3361, size_out = 3361	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3599, size_out = 3599	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 260, size_out = 260	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1899, size_out = 1899	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 678, size_out = 678	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 161, size_out = 161	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1909, size_out = 1909	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 670, size_out = 670	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 762, size_out = 762	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 6113, size_out = 6113	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 161, size_out = 161	2	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 161, size_out = 161	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 263, size_out = 263	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	2	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 16, size_out = 16	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 729, size_out = 729	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 17, size_out = 17	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 243, size_out = 243	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 16, size_out = 16	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 315, size_out = 315	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 16, size_out = 16	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 437, size_out = 437	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 16, size_out = 16	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 439, size_out = 439	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 16, size_out = 16	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 342, size_out = 342	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 802, size_out = 802	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1127, size_out = 1127	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	1	Fn
File	Read	size = 8192, size_out = 2190	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Get Info	type = size, size_out = 2190	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:00 (UTC)	15	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1468, size_out = 1468	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1486, size_out = 1486	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 16, size_out = 16	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 258, size_out = 258	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2351, size_out = 2351	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 877, size_out = 877	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 645, size_out = 645	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 6444, size_out = 6444	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1453, size_out = 1453	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 513, size_out = 513	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4556, size_out = 4556	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Get Info	type = size, size_out = 17824	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2345, size_out = 2345	1	Fn Data
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 7, size_out = 7	1	Fn Data
File	Read	size = 13694, size_out = 13694	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1056, size_out = 1056	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3940, size_out = 3940	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5672, size_out = 5672	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 844, size_out = 844	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 803, size_out = 803	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2601, size_out = 2601	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 6732, size_out = 6732	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 732, size_out = 732	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 454, size_out = 454	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 78, size_out = 78	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 457, size_out = 457	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 973, size_out = 973	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 308, size_out = 308	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 381, size_out = 381	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 310, size_out = 310	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3431, size_out = 3431	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 382, size_out = 382	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 281, size_out = 281	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 131, size_out = 131	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5929, size_out = 5929	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 16, size_out = 16	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 405, size_out = 405	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 17, size_out = 17	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 182, size_out = 182	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 258, size_out = 258	1	Fn Data
File	Read	size = 3, size_out = 3	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 354, size_out = 354	1	Fn Data
File	Read	size = 3, size_out = 3	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 16, size_out = 16	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 645, size_out = 645	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 17, size_out = 17	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 380, size_out = 380	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 17, size_out = 17	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 512, size_out = 512	1	Fn Data
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 6708, size_out = 6708	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4096, size_out = 4096	2	Fn Data
File	Read	size = 1693, size_out = 1693	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1351, size_out = 1351	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1358, size_out = 1358	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 1240, size_out = 1240	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 590, size_out = 590	2	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 525, size_out = 525	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2666, size_out = 2666	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 314, size_out = 314	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 951, size_out = 951	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 10594, size_out = 10594	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3882, size_out = 3882	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3549, size_out = 3549	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1381, size_out = 1381	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8211, size_out = 8211	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1075, size_out = 1075	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3695, size_out = 3695	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2117, size_out = 2117	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 346, size_out = 346	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 576, size_out = 576	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 24203, size_out = 24203	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 13092, size_out = 13092	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 623, size_out = 623	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3174, size_out = 3174	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2257, size_out = 2257	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1621, size_out = 1621	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2563, size_out = 2563	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2395, size_out = 2395	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 14258, size_out = 14258	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 853, size_out = 853	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 967, size_out = 967	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3914, size_out = 3914	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5828, size_out = 5828	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 12814, size_out = 12814	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4077, size_out = 4077	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2399, size_out = 2399	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2181, size_out = 2181	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2812, size_out = 2812	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 278, size_out = 278	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 6713, size_out = 6713	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:01 (UTC)	2	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\sunec.dll, function = _JNI_OnLoad@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\sunec.dll, function = JNI_OnLoad, address_out = 0x0	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1434, size_out = 1434	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 454, size_out = 454	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5439, size_out = 5439	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 619, size_out = 619	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 10470, size_out = 10470	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3596, size_out = 3596	2	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3529, size_out = 3529	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 735, size_out = 735	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4170, size_out = 4170	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 817, size_out = 817	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 331, size_out = 331	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2357, size_out = 2357	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 187, size_out = 187	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3665, size_out = 3665	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3856, size_out = 3856	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 333, size_out = 333	1	Fn Data
File	Get Info	type = time	1	Fn
File	Get Info	type = time	1	Fn
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2915, size_out = 2915	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 328, size_out = 328	1	Fn Data
File	Read	size = 350, size_out = 350	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 160, size_out = 160	3	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 213, size_out = 213	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1319, size_out = 1319	1	Fn Data
File	Read	size = 151, size_out = 151	1	Fn Data
File	Read	size = 92, size_out = 92	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4096, size_out = 4096	1	Fn Data
File	Read	size = 47, size_out = 47	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 115, size_out = 115	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 502, size_out = 502	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 807, size_out = 807	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 530, size_out = 530	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1987, size_out = 1987	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 706, size_out = 706	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4096, size_out = 4096	1	Fn Data
File	Read	size = 3777, size_out = 3777	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3082, size_out = 3082	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4270, size_out = 4270	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8559, size_out = 8559	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 6031, size_out = 6031	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:01 (UTC)	2	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _JNI_OnLoad@8, address_out = 0x71fa3379	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 671, size_out = 671	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1961, size_out = 1961	1	Fn Data
DNS	Get Hostname	name_out = ZgW5tdPu	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3287, size_out = 3287	1	Fn Data
DNS	Resolve Name	host = ZgW5tdPu, address_out = fe80:0000:0000:0000:5969:84a4:f9e2:1f2b, 192.168.0.60	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 383, size_out = 383	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3661, size_out = 3661	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 292, size_out = 292	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 128, size_out = 128	1	Fn Data
File	Read	size = 389, size_out = 389	1	Fn Data
File	Read	size = 411, size_out = 411	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 194, size_out = 194	2	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 242, size_out = 242	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1318, size_out = 1318	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 153, size_out = 153	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 209, size_out = 209	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 883, size_out = 883	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 994, size_out = 994	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 780, size_out = 780	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 206, size_out = 206	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 533, size_out = 533	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 775, size_out = 775	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 301, size_out = 301	1	Fn Data
File	Read	size = 8192, size_out = 8192	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3596, size_out = 3596	2	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3529, size_out = 3529	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3596, size_out = 3596	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3529, size_out = 3529	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1137, size_out = 1137	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1486, size_out = 1486	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1009, size_out = 1009	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1052, size_out = 1052	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 269, size_out = 269	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1438, size_out = 1438	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2684, size_out = 2684	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 157, size_out = 157	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 902, size_out = 902	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1516, size_out = 1516	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 925, size_out = 925	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1403, size_out = 1403	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 684, size_out = 684	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2171, size_out = 2171	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1421, size_out = 1421	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 694, size_out = 694	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 171, size_out = 171	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1111, size_out = 1111	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 814, size_out = 814	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 608, size_out = 608	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 677, size_out = 677	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 274, size_out = 274	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1343, size_out = 1343	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 541, size_out = 541	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2912, size_out = 2912	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1249, size_out = 1249	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1311, size_out = 1311	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 265, size_out = 265	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1605, size_out = 1605	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 557, size_out = 557	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 173, size_out = 173	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2789, size_out = 2789	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 230, size_out = 230	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1133, size_out = 1133	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 321, size_out = 321	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 190, size_out = 190	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8192, size_out = 8192	1	Fn Data
File	Read	size = 3185, size_out = 3185	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 274, size_out = 274	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4522, size_out = 4522	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 978, size_out = 978	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 672, size_out = 672	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 839, size_out = 839	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1309, size_out = 1309	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1312, size_out = 1312	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 696, size_out = 696	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3200, size_out = 3200	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 803, size_out = 803	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 207, size_out = 207	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 823, size_out = 823	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 824, size_out = 824	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 349, size_out = 349	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2972, size_out = 2972	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2977, size_out = 2977	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 611, size_out = 611	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 668, size_out = 668	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 283, size_out = 283	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1118, size_out = 1118	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 834, size_out = 834	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 769, size_out = 769	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1478, size_out = 1478	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1298, size_out = 1298	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1655, size_out = 1655	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 984, size_out = 984	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3278, size_out = 3278	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1137, size_out = 1137	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 833, size_out = 833	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1450, size_out = 1450	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1081, size_out = 1081	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 735, size_out = 735	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 349, size_out = 349	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 550, size_out = 550	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 922, size_out = 922	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5457, size_out = 5457	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1143, size_out = 1143	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2597, size_out = 2597	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 325, size_out = 325	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 271, size_out = 271	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1084, size_out = 1084	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4495, size_out = 4495	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1404, size_out = 1404	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5963, size_out = 5963	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1218, size_out = 1218	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 666, size_out = 666	1	Fn Data
File	Read	size = 2371, size_out = 2371	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3665, size_out = 3665	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1686, size_out = 1686	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1029, size_out = 1029	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 306, size_out = 306	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 978, size_out = 978	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8192, size_out = 8192	1	Fn Data
File	Read	size = 1459, size_out = 1459	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 282, size_out = 282	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	size = 6135, size_out = 6135	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 161, size_out = 161	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8192, size_out = 8192	26	Fn Data
File	Read	size = 5053, size_out = 5053	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 258, size_out = 258	1	Fn Data
File	Read	size = 3, size_out = 3	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1470, size_out = 1470	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 354, size_out = 354	1	Fn Data
File	Read	size = 3, size_out = 3	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1468, size_out = 1468	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 258, size_out = 258	1	Fn Data
File	Read	size = 3, size_out = 3	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 263, size_out = 263	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 455, size_out = 455	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 617, size_out = 617	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 580, size_out = 580	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 463, size_out = 463	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 405, size_out = 405	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 332, size_out = 332	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 481, size_out = 481	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 593, size_out = 593	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 439, size_out = 439	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 606, size_out = 606	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 729, size_out = 729	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 390, size_out = 390	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 274, size_out = 274	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 367, size_out = 367	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 315, size_out = 315	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 258, size_out = 258	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 347, size_out = 347	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 490, size_out = 490	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 383, size_out = 383	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 342, size_out = 342	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 346, size_out = 346	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 168, size_out = 168	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 645, size_out = 645	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 212, size_out = 212	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 437, size_out = 437	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 205, size_out = 205	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 512, size_out = 512	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 380, size_out = 380	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 182, size_out = 182	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 243, size_out = 243	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 189, size_out = 189	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 169, size_out = 169	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 161, size_out = 161	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 281, size_out = 281	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 274, size_out = 274	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1989, size_out = 1989	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
For performance reasons, the remaining 840 entries are omitted. The remaining entries can be found in glog.xml.

Thread 0xfd0

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:01 (UTC)	4	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:03 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	5	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:05 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:08 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:11 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:14 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:18 (UTC)	9	Fn

Thread 0xfd4

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0xfd8

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ref_Finalizer_invokeFinalizeMethod@12, address_out = 0x720e207c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ProcessImpl_closeHandle@16, address_out = 0x720e8e8b	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:08 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:11 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:14 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:18 (UTC)	7	Fn

Thread 0xfe4

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0xfdc

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 541, size_out = 541	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn

Thread 0xfe0

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn
Mutex	Create	-		1	Fn

Thread 0xfec

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)		1	Fn

Thread 0xfe8

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0x854

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0x124

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0x150

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x6ce52210	1	Fn
Module	Load	module_name = COMCTL32.dll, base_address = 0x73ee0000	1	Fn
Module	Get Address	module_name = c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll, function = InitCommonControlsEx, address_out = 0x73f009ce	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = LoadIconW, address_out = 0x76b4f142	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = RegisterClassW, address_out = 0x76b4ed4a	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = GetDC, address_out = 0x76b5544c	1	Fn
Module	Load	module_name = GDI32.dll, base_address = 0x754f0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\gdi32.dll, function = GetDeviceCaps, address_out = 0x754f6f7f	2	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = ReleaseDC, address_out = 0x76b55421	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = CreateWindowExW, address_out = 0x76b4ec7c	1	Fn
Window	Create	window_name = theAwtToolkitWindow, class_name = SunAwtToolkit, wndproc_parameter = 0	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = DefWindowProcW, address_out = 0x76b5507d	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = SetWindowsHookExW, address_out = 0x76b4e30c	1	Fn
System	Register Hook	type = WH_GETMESSAGE, hookproc_address = 0x6ce51da0	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = OleInitialize, address_out = 0x7637efd7	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 569, size_out = 569	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 333, size_out = 333	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PeekMessageW, address_out = 0x76b5634a	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = EnumThreadWindows, address_out = 0x76b4b712	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PostMessageW, address_out = 0x76b5447b	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = CallNextHookEx, address_out = 0x76b4abe1	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PostQuitMessage, address_out = 0x76b4b308	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = OleUninitialize, address_out = 0x7637eba1	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = GetMessageW, address_out = 0x76b5cde8	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = IsWindow, address_out = 0x76b553ba	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = DestroyWindow, address_out = 0x76b4b2f4	1	Fn

Thread 0x874

350

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 16, size_out = 16	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 390, size_out = 390	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 448, size_out = 448	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4013, size_out = 4013	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1566, size_out = 1566	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 402, size_out = 402	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1366, size_out = 1366	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 9311, size_out = 9311	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3572, size_out = 3572	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1619, size_out = 1619	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2404, size_out = 2404	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3013, size_out = 3013	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1708, size_out = 1708	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2879, size_out = 2879	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1285, size_out = 1285	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1398, size_out = 1398	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1090, size_out = 1090	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3789, size_out = 3789	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 436, size_out = 436	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 792, size_out = 792	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 384, size_out = 384	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 78, size_out = 78	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1217, size_out = 1217	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 480, size_out = 480	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 622, size_out = 622	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 76, size_out = 76	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 527, size_out = 527	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4051, size_out = 4051	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 7991, size_out = 7991	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 704, size_out = 704	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8401, size_out = 8401	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2096, size_out = 2096	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2691, size_out = 2691	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1111, size_out = 1111	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1664, size_out = 1664	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, type = file_attributes	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_createFileExclusively@12, address_out = 0x720ea467	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileOutputStream_open@16, address_out = 0x720e1fe4	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileOutputStream_writeBytes@24, address_out = 0x720e203c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileOutputStream_close0@8, address_out = 0x720e2063	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 6028, size_out = 6028	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 7832, size_out = 7832	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 382, size_out = 382	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ProcessImpl_getStillActive@8, address_out = 0x720e8e39	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5512, size_out = 5512	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 949, size_out = 949	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1167, size_out = 1167	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ProcessEnvironment_environmentBlock@8, address_out = 0x720e274a	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1731, size_out = 1731	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1427, size_out = 1427	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1429, size_out = 1429	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ProcessImpl_create@28, address_out = 0x720e8a87	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, os_pid = 0x400, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1873, size_out = 1873	1	Fn Data
File	Read	size = 8192, size_out = 108	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ProcessImpl_terminateProcess@16, address_out = 0x720e8e7c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_delete0@12, address_out = 0x720ea507	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Write	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, size = 281	1	Fn Data
System	Get Info	type = Operating System	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, os_pid = 0x588, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
Process	Terminate	exit_code = 1	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, type = file_attributes	1	Fn
File	Create	filename = C:\Windows\System32\test.txt, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1396, size_out = 1396	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 582, size_out = 582	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 46400, size_out = 46400	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 263, size_out = 263	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 357, size_out = 357	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5472, size_out = 5472	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3241, size_out = 3241	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 784, size_out = 784	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1886, size_out = 1886	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5529, size_out = 5529	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_NetworkInterface_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_NetworkInterface_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_NetworkInterface_init@8, address_out = 0x71fa157c	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1188, size_out = 1188	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 213, size_out = 213	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_NetworkInterface_getAll@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_NetworkInterface_getAll@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_NetworkInterface_getAll@8, address_out = 0x71fa214a	1	Fn
Module	Load	module_name = IPHLPAPI.DLL, base_address = 0x738f0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetIfTable, address_out = 0x738fae94	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetFriendlyIfIndex, address_out = 0x738fd855	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetIpAddrTable, address_out = 0x738f9bb0	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetAdaptersAddresses, address_out = 0x738f6a4d	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 878, size_out = 878	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 7520, size_out = 7520	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8446, size_out = 8446	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\management.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	2	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\management.dll, base_address = 0x6da40000	1	Fn
Module	Get Address	module_name = Unknown module name, function = _JNI_OnLoad@8, address_out = 0x6da42194	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5830, size_out = 5830	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1929, size_out = 1929	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = Unknown module name, function = _Java_sun_management_VMManagementImpl_getVersion0@8, address_out = 0x6da41e06	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = Unknown module name, function = _Java_sun_management_VMManagementImpl_initOptionalSupportFields@8, address_out = 0x6da41e8a	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 519, size_out = 519	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 855, size_out = 855	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 413, size_out = 413	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 300, size_out = 300	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 152, size_out = 152	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1206, size_out = 1206	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = Unknown module name, function = _Java_com_sun_management_OperatingSystem_initialize@8, address_out = 0x6da42a5b	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = Unknown module name, function = _Java_com_sun_management_OperatingSystem_getTotalPhysicalMemorySize@8, address_out = 0x6da4230d	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 7192, size_out = 7192	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 536, size_out = 536	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 22580, size_out = 22580	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 325, size_out = 325	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2388, size_out = 2388	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1746, size_out = 1746	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 845, size_out = 845	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 14934, size_out = 14934	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 322, size_out = 322	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1032, size_out = 1032	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 773, size_out = 773	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 122, size_out = 122	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.080316539076114361006181509658991106.class, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.080316539076114361006181509658991106.class, type = time	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\fUTkALeaTxM, type = file_attributes	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_createDirectory@12, address_out = 0x720ea812	1	Fn
File	Create Directory	C:\Users\2XC7u663GxWc\fUTkALeaTxM	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\fUTkALeaTxM\ID.txt, type = file_attributes	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3759, size_out = 3759	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 348, size_out = 348	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\fUTkALeaTxM\ID.txt, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\fUTkALeaTxM\DdWDtpinxpf, type = file_attributes	2	Fn
File	Create Directory	C:\Users\2XC7u663GxWc\fUTkALeaTxM\DdWDtpinxpf	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\fUTkALeaTxM\DdWDtpinxpf, type = file_attributes	3	Fn

Thread 0x44c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:07 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:10 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:13 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:17 (UTC)	2	Fn

Thread 0x7fc

294

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 26461, size_out = 26461	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4540, size_out = 4540	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1995, size_out = 1995	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1261, size_out = 1261	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4115, size_out = 4115	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_DualStackPlainSocketImpl_initIDs@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_DualStackPlainSocketImpl_initIDs@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_DualStackPlainSocketImpl_initIDs@8, address_out = 0x71fa6667	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2598, size_out = 2598	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 11029, size_out = 11029	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 296, size_out = 296	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1028, size_out = 1028	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 17440, size_out = 17440	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3033, size_out = 3033	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 861, size_out = 861	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2660, size_out = 2660	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1444, size_out = 1444	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1192, size_out = 1192	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 7071, size_out = 7071	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2038, size_out = 2038	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2049, size_out = 2049	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1627, size_out = 1627	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8760, size_out = 8760	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3164, size_out = 3164	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2552, size_out = 2552	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1600, size_out = 1600	1	Fn Data
File	Read	size = 109, size_out = 109	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 235, size_out = 235	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2863, size_out = 2863	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 443, size_out = 443	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 837, size_out = 837	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3196, size_out = 3196	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = time	1	Fn
File	Read	size = 1262, size_out = 1262	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 590, size_out = 590	2	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 525, size_out = 525	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 160, size_out = 160	2	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 590, size_out = 590	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 525, size_out = 525	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1320, size_out = 1320	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1812, size_out = 1812	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 240, size_out = 240	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1434, size_out = 1434	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2863, size_out = 2863	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 242, size_out = 242	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 390, size_out = 390	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 242, size_out = 242	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1989, size_out = 1989	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 837, size_out = 837	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 734, size_out = 734	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 235, size_out = 235	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5122, size_out = 5122	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 285, size_out = 285	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 889, size_out = 889	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3271, size_out = 3271	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 496, size_out = 496	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1812, size_out = 1812	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 302, size_out = 302	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 23927, size_out = 23927	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1227, size_out = 1227	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 761, size_out = 761	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 107, size_out = 107	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2146, size_out = 2146	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 975, size_out = 975	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 2114, size_out = 2114	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3293, size_out = 3293	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 634, size_out = 634	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 725, size_out = 725	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 859, size_out = 859	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 745, size_out = 745	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1326, size_out = 1326	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 4319, size_out = 4319	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 595, size_out = 595	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 626, size_out = 626	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 763, size_out = 763	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 2191, size_out = 2191	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 103, size_out = 103	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 913, size_out = 913	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 852, size_out = 852	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 1319, size_out = 1319	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 103, size_out = 103	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 1269, size_out = 1269	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 404, size_out = 404	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\x86\sunmscapi.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\sunmscapi.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	2	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\sunmscapi.dll, base_address = 0x6b6c0000	1	Fn
Module	Get Address	module_name = Unknown module name, function = _JNI_OnLoad@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = Unknown module name, function = JNI_OnLoad, address_out = 0x0	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1399, size_out = 1399	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3618, size_out = 3618	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1507, size_out = 1507	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 8099, size_out = 8099	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 964, size_out = 964	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 1312, size_out = 1312	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 5799, size_out = 5799	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_DualStackPlainSocketImpl_socket0@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_DualStackPlainSocketImpl_socket0@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_DualStackPlainSocketImpl_socket0@16, address_out = 0x71fa66ab	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 686, size_out = 686	1	Fn Data
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\net.properties, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:04 (UTC)	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\net.properties, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\net.properties, type = file_type	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\net.properties, type = size, size_out = 3070	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 3605, size_out = 3605	1	Fn Data
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 331, size_out = 331	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_DualStackPlainSocketImpl_connect0@20, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_DualStackPlainSocketImpl_connect0@20, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_DualStackPlainSocketImpl_connect0@20, address_out = 0x71fa6793	1	Fn
File	Read	size = 160, size_out = 160	1	Fn Data
File	Read	size = 30, size_out = 30	1	Fn Data
File	Read	size = 278, size_out = 278	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_DualStackPlainSocketImpl_close0@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_DualStackPlainSocketImpl_close0@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_DualStackPlainSocketImpl_close0@12, address_out = 0x71fa99e3	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Runtime_gc@8, address_out = 0x720e2caf	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:05 (UTC)	1	Fn

Thread 0x930

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:08 (UTC)	1	Fn

Thread 0x934

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:11 (UTC)	1	Fn

Thread 0x938

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:14 (UTC)	1	Fn

Thread 0x940

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:18 (UTC)	1	Fn

Thread 0xa00

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		1	Fn

Thread 0x9e8

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000		2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:50:18 (UTC)		1	Fn

Thread 0x9f0

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_awt_windows_WToolkit_shutdown@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_sun_awt_windows_WToolkit_shutdown@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_sun_awt_windows_WToolkit_shutdown@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_sun_awt_windows_WToolkit_shutdown@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_sun_awt_windows_WToolkit_shutdown@8, address_out = 0x6ce50ac0	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = SendMessageW, address_out = 0x76b55539	1	Fn
System	Sleep	duration = 100 milliseconds (0.100 seconds)	1	Fn

Process #21: cmd.exe

Information	Value
ID	#21
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs
Initial Working Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\
Monitor	Start Time: 00:01:01, Reason: Child Process
Unmonitor	End Time: 00:01:04, Reason: Self Terminated
Monitor Duration	00:00:03

OS Process Information

Information	Value
PID	0x110
Parent PID	0xf58 (c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 814

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
private_0x0000000000050000	0x00050000	0x0014ffff	Private Memory	-	-	-
private_0x0000000000150000	0x00150000	0x0024ffff	Private Memory	-	-	-
locale.nls	0x00250000	0x002b6fff	Memory Mapped File	-	-	-
pagefile_0x00000000002c0000	0x002c0000	0x002c6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000002d0000	0x002d0000	0x002d1fff	Pagefile Backed Memory	-	-	-
private_0x00000000002e0000	0x002e0000	0x002e0fff	Private Memory	-	-	-
private_0x00000000002f0000	0x002f0000	0x002f0fff	Private Memory	-	-	-
cscript.exe	0x00300000	0x00321fff	Memory Mapped File	-	-	-
private_0x0000000000330000	0x00330000	0x0033ffff	Private Memory	-	-	-
pagefile_0x0000000000340000	0x00340000	0x00407fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000410000	0x00410000	0x00510fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000520000	0x00520000	0x0111ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001120000	0x01120000	0x013aafff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x013b0000	0x0167efff	Memory Mapped File	-	-	-
cscript.exe.mui	0x01680000	0x01682fff	Memory Mapped File	-	-	-
cmd.exe	0x49e70000	0x49ebbfff	Memory Mapped File	-	-	-
winbrand.dll	0x6e390000	0x6e396fff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x814

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:50:01 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10912472	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x49e70000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp, type = file_attributes	2	Fn
Environment	Set Environment String	name = =C:, value = C:\Users\2XC7U6~1\AppData\Local\Temp	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x7557ac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x75583ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x75592732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0x114, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #22: cscript.exe

Information	Value
ID	#22
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs
Initial Working Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\
Monitor	Start Time: 00:01:02, Reason: Child Process
Unmonitor	End Time: 00:01:04, Reason: Self Terminated
Monitor Duration	00:00:02

OS Process Information

Information	Value
PID	0x114
Parent PID	0x110 (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 788 0x 118 0x 4D4 0x 134 0x 498 0x 85C 0x 170 0x 264

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00040000	0x000a6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000b0000	0x000b0000	0x000b6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c1fff	Pagefile Backed Memory	-	-	-
private_0x00000000000d0000	0x000d0000	0x000dffff	Private Memory	-	-	-
cscript.exe.mui	0x000e0000	0x000e2fff	Memory Mapped File	-	-	-
private_0x00000000000f0000	0x000f0000	0x000f0fff	Private Memory	-	-	-
private_0x0000000000100000	0x00100000	0x00100fff	Private Memory	-	-	-
cscript.exe	0x00110000	0x0011bfff	Memory Mapped File	-	-	-
cscript.exe	0x00120000	0x00141fff	Memory Mapped File	-	-	-
pagefile_0x0000000000150000	0x00150000	0x00217fff	Pagefile Backed Memory	-	-	-
private_0x0000000000220000	0x00220000	0x0031ffff	Private Memory	-	-	-
pagefile_0x0000000000320000	0x00320000	0x00420fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000430000	0x00430000	0x00430fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000440000	0x00440000	0x00440fff	Pagefile Backed Memory	-	-	-
retrive5186310507301951599.vbs	0x00450000	0x00450fff	Memory Mapped File	-	-	-
private_0x0000000000450000	0x00450000	0x0045ffff	Private Memory	-	-	-
retrive5186310507301951599.vbs	0x00460000	0x00460fff	Memory Mapped File	-	-	-
wbemdisp.tlb	0x00460000	0x0046efff	Memory Mapped File	-	-	-
private_0x0000000000470000	0x00470000	0x0056ffff	Private Memory	-	-	-
pagefile_0x0000000000570000	0x00570000	0x0116ffff	Pagefile Backed Memory	-	-	-
rpcss.dll	0x01170000	0x011cbfff	Memory Mapped File	-	-	-
private_0x0000000001170000	0x01170000	0x0128ffff	Private Memory	-	-	-
pagefile_0x0000000001170000	0x01170000	0x0124efff	Pagefile Backed Memory	-	-	-
private_0x0000000001250000	0x01250000	0x0128ffff	Private Memory	-	-	-
rsaenh.dll	0x01290000	0x012cbfff	Memory Mapped File	-	-	-
private_0x0000000001290000	0x01290000	0x0130ffff	Private Memory	-	-	-
private_0x0000000001360000	0x01360000	0x0145ffff	Private Memory	-	-	-
sortdefault.nls	0x01460000	0x0172efff	Memory Mapped File	-	-	-
private_0x0000000001740000	0x01740000	0x0183ffff	Private Memory	-	-	-
private_0x00000000018e0000	0x018e0000	0x019dffff	Private Memory	-	-	-
pagefile_0x00000000019e0000	0x019e0000	0x01ddffff	Pagefile Backed Memory	-	-	-
private_0x0000000001de0000	0x01de0000	0x01edffff	Private Memory	-	-	-
private_0x0000000001ee0000	0x01ee0000	0x01f8ffff	Private Memory	-	-	-
private_0x0000000001fa0000	0x01fa0000	0x0209ffff	Private Memory	-	-	-
private_0x00000000020a0000	0x020a0000	0x021bffff	Private Memory	-	-	-
private_0x0000000002280000	0x02280000	0x0237ffff	Private Memory	-	-	-
private_0x0000000002570000	0x02570000	0x0266ffff	Private Memory	-	-	-
private_0x00000000026f0000	0x026f0000	0x027effff	Private Memory	-	-	-
wbemdisp.dll	0x6cc00000	0x6cc30fff	Memory Mapped File	-	-	-
scrobj.dll	0x6cc40000	0x6cc6cfff	Memory Mapped File	-	-	-
comctl32.dll	0x6cc70000	0x6ccf3fff	Memory Mapped File	-	-	-
wshext.dll	0x6cd30000	0x6cd45fff	Memory Mapped File	-	-	-
vbscript.dll	0x6cd50000	0x6cdbafff	Memory Mapped File	-	-	-
msisip.dll	0x6da40000	0x6da47fff	Memory Mapped File	-	-	-
wmiutils.dll	0x70770000	0x70786fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70970000	0x7097efff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x71280000	0x712dbfff	Memory Mapped File	-	-	-
dwmapi.dll	0x731f0000	0x73202fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
version.dll	0x74450000	0x74458fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
sxs.dll	0x74e60000	0x74ebefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x74ef0000	0x74efdfff	Memory Mapped File	-	-	-
msasn1.dll	0x74f70000	0x74f7bfff	Memory Mapped File	-	-	-
crypt32.dll	0x74f80000	0x7509cfff	Memory Mapped File	-	-	-
wintrust.dll	0x750c0000	0x750ecfff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
clbcatq.dll	0x75460000	0x754e2fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
shell32.dll	0x75700000	0x76349fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x788

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:50:02 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10912659	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0x120000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 244, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 244, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 244, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x75594157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 196, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 196, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x763a9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 10912925	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs, protection = PAGE_READONLY, maximum_size = 276	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x752a2102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x752a3352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x752a3825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive5186310507301951599.vbs, size = 276, size_out = 276	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x763a6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x7636cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x7528ca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x7636c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0x4d4

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 860976		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 860976		1	Fn

Process #23: cmd.exe

Information	Value
ID	#23
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs
Initial Working Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\
Monitor	Start Time: 00:01:03, Reason: Child Process
Unmonitor	End Time: 00:01:04, Reason: Self Terminated
Monitor Duration	00:00:01

OS Process Information

Information	Value
PID	0x400
Parent PID	0xfb8 (c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 3B8

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c6fff	Pagefile Backed Memory	-	-	-
private_0x00000000000d0000	0x000d0000	0x001cffff	Private Memory	-	-	-
pagefile_0x00000000001d0000	0x001d0000	0x001d1fff	Pagefile Backed Memory	-	-	-
private_0x00000000001e0000	0x001e0000	0x001e0fff	Private Memory	-	-	-
private_0x00000000001f0000	0x001f0000	0x001f0fff	Private Memory	-	-	-
private_0x0000000000200000	0x00200000	0x002fffff	Private Memory	-	-	-
pagefile_0x0000000000300000	0x00300000	0x003c7fff	Pagefile Backed Memory	-	-	-
cscript.exe	0x003d0000	0x003f1fff	Memory Mapped File	-	-	-
cscript.exe.mui	0x00400000	0x00402fff	Memory Mapped File	-	-	-
private_0x0000000000460000	0x00460000	0x0046ffff	Private Memory	-	-	-
pagefile_0x0000000000470000	0x00470000	0x00570fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000580000	0x00580000	0x0117ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001180000	0x01180000	0x0140afff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x01410000	0x016defff	Memory Mapped File	-	-	-
cmd.exe	0x49e70000	0x49ebbfff	Memory Mapped File	-	-	-
winbrand.dll	0x6e390000	0x6e396fff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x3b8

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:50:03 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10913673	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x49e70000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp, type = file_attributes	2	Fn
Environment	Set Environment String	name = =C:, value = C:\Users\2XC7U6~1\AppData\Local\Temp	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x7557ac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x75583ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x75592732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0x130, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #24: cscript.exe

Information	Value
ID	#24
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs
Initial Working Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\
Monitor	Start Time: 00:01:03, Reason: Child Process
Unmonitor	End Time: 00:01:04, Reason: Self Terminated
Monitor Duration	00:00:01

OS Process Information

Information	Value
PID	0x130
Parent PID	0x400 (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 310 0x 710 0x 88C 0x 878 0x 8EC 0x 4BC 0x 8FC 0x 660

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00040000	0x000a6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000b0000	0x000b0000	0x000b6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c1fff	Pagefile Backed Memory	-	-	-
cscript.exe.mui	0x000d0000	0x000d2fff	Memory Mapped File	-	-	-
private_0x00000000000e0000	0x000e0000	0x000e0fff	Private Memory	-	-	-
private_0x00000000000f0000	0x000f0000	0x000f0fff	Private Memory	-	-	-
cscript.exe	0x00100000	0x0010bfff	Memory Mapped File	-	-	-
pagefile_0x0000000000110000	0x00110000	0x00110fff	Pagefile Backed Memory	-	-	-
cscript.exe	0x00120000	0x00141fff	Memory Mapped File	-	-	-
pagefile_0x0000000000150000	0x00150000	0x00217fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000220000	0x00220000	0x00220fff	Pagefile Backed Memory	-	-	-
retrive466295784543991919.vbs	0x00230000	0x00230fff	Memory Mapped File	-	-	-
private_0x0000000000230000	0x00230000	0x0023ffff	Private Memory	-	-	-
retrive466295784543991919.vbs	0x00240000	0x00240fff	Memory Mapped File	-	-	-
wbemdisp.tlb	0x00240000	0x0024efff	Memory Mapped File	-	-	-
private_0x0000000000260000	0x00260000	0x0026ffff	Private Memory	-	-	-
private_0x0000000000270000	0x00270000	0x0036ffff	Private Memory	-	-	-
rpcss.dll	0x00370000	0x003cbfff	Memory Mapped File	-	-	-
pagefile_0x0000000000370000	0x00370000	0x0044efff	Pagefile Backed Memory	-	-	-
private_0x0000000000470000	0x00470000	0x0056ffff	Private Memory	-	-	-
pagefile_0x0000000000570000	0x00570000	0x00670fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000680000	0x00680000	0x0127ffff	Pagefile Backed Memory	-	-	-
private_0x0000000001280000	0x01280000	0x013cffff	Private Memory	-	-	-
rsaenh.dll	0x01280000	0x012bbfff	Memory Mapped File	-	-	-
private_0x0000000001280000	0x01280000	0x012effff	Private Memory	-	-	-
private_0x00000000012f0000	0x012f0000	0x0137ffff	Private Memory	-	-	-
private_0x0000000001390000	0x01390000	0x013cffff	Private Memory	-	-	-
private_0x00000000013d0000	0x013d0000	0x014cffff	Private Memory	-	-	-
private_0x0000000001510000	0x01510000	0x0160ffff	Private Memory	-	-	-
sortdefault.nls	0x01610000	0x018defff	Memory Mapped File	-	-	-
private_0x0000000001900000	0x01900000	0x019fffff	Private Memory	-	-	-
private_0x0000000001b10000	0x01b10000	0x01c0ffff	Private Memory	-	-	-
pagefile_0x0000000001c10000	0x01c10000	0x0200ffff	Pagefile Backed Memory	-	-	-
private_0x0000000002040000	0x02040000	0x0213ffff	Private Memory	-	-	-
private_0x0000000002140000	0x02140000	0x0227ffff	Private Memory	-	-	-
private_0x0000000002140000	0x02140000	0x0223ffff	Private Memory	-	-	-
private_0x0000000002240000	0x02240000	0x0227ffff	Private Memory	-	-	-
private_0x0000000002310000	0x02310000	0x0240ffff	Private Memory	-	-	-
private_0x0000000002520000	0x02520000	0x0261ffff	Private Memory	-	-	-
wbemdisp.dll	0x6cc00000	0x6cc30fff	Memory Mapped File	-	-	-
scrobj.dll	0x6cc40000	0x6cc6cfff	Memory Mapped File	-	-	-
comctl32.dll	0x6cc70000	0x6ccf3fff	Memory Mapped File	-	-	-
wshext.dll	0x6cd30000	0x6cd45fff	Memory Mapped File	-	-	-
vbscript.dll	0x6cd50000	0x6cdbafff	Memory Mapped File	-	-	-
msisip.dll	0x6da40000	0x6da47fff	Memory Mapped File	-	-	-
wmiutils.dll	0x70770000	0x70786fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70970000	0x7097efff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x71280000	0x712dbfff	Memory Mapped File	-	-	-
dwmapi.dll	0x731f0000	0x73202fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
version.dll	0x74450000	0x74458fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
sxs.dll	0x74e60000	0x74ebefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x74ef0000	0x74efdfff	Memory Mapped File	-	-	-
msasn1.dll	0x74f70000	0x74f7bfff	Memory Mapped File	-	-	-
crypt32.dll	0x74f80000	0x7509cfff	Memory Mapped File	-	-	-
wintrust.dll	0x750c0000	0x750ecfff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
clbcatq.dll	0x75460000	0x754e2fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
shell32.dll	0x75700000	0x76349fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x310

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:50:03 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10913736	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0x120000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 228, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 228, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 228, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x75594157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 216, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 216, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 48, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 48, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x763a9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 10913783	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, protection = PAGE_READONLY, maximum_size = 276	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x752a2102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x752a3352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x752a3825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive466295784543991919.vbs, size = 276, size_out = 276	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x763a6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x7636cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x7528ca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x7636c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0x88c

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 2499376		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 2499376		1	Fn

Process #25: cmd.exe

Information	Value
ID	#25
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs
Initial Working Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\
Monitor	Start Time: 00:01:03, Reason: Child Process
Unmonitor	End Time: 00:01:06, Reason: Self Terminated
Monitor Duration	00:00:03

OS Process Information

Information	Value
PID	0x754
Parent PID	0xf58 (c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 624

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
private_0x0000000000030000	0x00030000	0x0012ffff	Private Memory	-	-	-
pagefile_0x0000000000130000	0x00130000	0x00133fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000140000	0x00140000	0x00140fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00150000	0x001b6fff	Memory Mapped File	-	-	-
pagefile_0x00000000001c0000	0x001c0000	0x00287fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000290000	0x00290000	0x00296fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000002a0000	0x002a0000	0x002a1fff	Pagefile Backed Memory	-	-	-
private_0x00000000002b0000	0x002b0000	0x002b0fff	Private Memory	-	-	-
private_0x00000000002c0000	0x002c0000	0x002c0fff	Private Memory	-	-	-
cscript.exe	0x002d0000	0x002f1fff	Memory Mapped File	-	-	-
cscript.exe.mui	0x00300000	0x00302fff	Memory Mapped File	-	-	-
private_0x0000000000310000	0x00310000	0x0040ffff	Private Memory	-	-	-
pagefile_0x0000000000410000	0x00410000	0x00510fff	Pagefile Backed Memory	-	-	-
private_0x00000000005d0000	0x005d0000	0x005dffff	Private Memory	-	-	-
pagefile_0x00000000005e0000	0x005e0000	0x011dffff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000011e0000	0x011e0000	0x0146afff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x01470000	0x0173efff	Memory Mapped File	-	-	-
cmd.exe	0x49e70000	0x49ebbfff	Memory Mapped File	-	-	-
winbrand.dll	0x6e390000	0x6e396fff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x624

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:50:03 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10914126	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x49e70000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp, type = file_attributes	2	Fn
Environment	Set Environment String	name = =C:, value = C:\Users\2XC7U6~1\AppData\Local\Temp	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x7557ac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x75583ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x75592732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0x904, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #26: cmd.exe

Information	Value
ID	#26
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs
Initial Working Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\
Monitor	Start Time: 00:01:03, Reason: Child Process
Unmonitor	End Time: 00:01:05, Reason: Self Terminated
Monitor Duration	00:00:02

OS Process Information

Information	Value
PID	0x588
Parent PID	0xfb8 (c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 154

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000050000	0x00050000	0x00056fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000060000	0x00060000	0x00061fff	Pagefile Backed Memory	-	-	-
private_0x0000000000070000	0x00070000	0x0016ffff	Private Memory	-	-	-
locale.nls	0x00170000	0x001d6fff	Memory Mapped File	-	-	-
private_0x00000000001e0000	0x001e0000	0x001e0fff	Private Memory	-	-	-
private_0x00000000001f0000	0x001f0000	0x001f0fff	Private Memory	-	-	-
cscript.exe	0x00200000	0x00221fff	Memory Mapped File	-	-	-
private_0x0000000000230000	0x00230000	0x0032ffff	Private Memory	-	-	-
cscript.exe.mui	0x00330000	0x00332fff	Memory Mapped File	-	-	-
private_0x0000000000390000	0x00390000	0x0039ffff	Private Memory	-	-	-
pagefile_0x00000000003a0000	0x003a0000	0x00467fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000470000	0x00470000	0x00570fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000580000	0x00580000	0x0117ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001180000	0x01180000	0x0140afff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x01410000	0x016defff	Memory Mapped File	-	-	-
cmd.exe	0x49e70000	0x49ebbfff	Memory Mapped File	-	-	-
winbrand.dll	0x6e390000	0x6e396fff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x154

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:50:03 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10914173	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x49e70000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp, type = file_attributes	2	Fn
Environment	Set Environment String	name = =C:, value = C:\Users\2XC7U6~1\AppData\Local\Temp	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x7557ac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x75583ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x75592732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0x924, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #27: cscript.exe

Information	Value
ID	#27
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs
Initial Working Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\
Monitor	Start Time: 00:01:04, Reason: Child Process
Unmonitor	End Time: 00:01:05, Reason: Self Terminated
Monitor Duration	00:00:01

OS Process Information

Information	Value
PID	0x924
Parent PID	0x588 (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 948 0x 958 0x 960 0x 96C 0x 214 0x 1CC 0x 460 0x 174

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00040000	0x000a6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000b0000	0x000b0000	0x000b6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c1fff	Pagefile Backed Memory	-	-	-
cscript.exe.mui	0x000d0000	0x000d2fff	Memory Mapped File	-	-	-
private_0x00000000000e0000	0x000e0000	0x000effff	Private Memory	-	-	-
private_0x00000000000f0000	0x000f0000	0x000f0fff	Private Memory	-	-	-
private_0x0000000000100000	0x00100000	0x00100fff	Private Memory	-	-	-
rpcss.dll	0x00110000	0x0016bfff	Memory Mapped File	-	-	-
cscript.exe	0x00110000	0x0011bfff	Memory Mapped File	-	-	-
pagefile_0x0000000000120000	0x00120000	0x00120fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000130000	0x00130000	0x00130fff	Pagefile Backed Memory	-	-	-
retrive3068316261550961408.vbs	0x00140000	0x00140fff	Memory Mapped File	-	-	-
rsaenh.dll	0x00140000	0x0017bfff	Memory Mapped File	-	-	-
private_0x0000000000140000	0x00140000	0x0014ffff	Private Memory	-	-	-
retrive3068316261550961408.vbs	0x00150000	0x00150fff	Memory Mapped File	-	-	-
wbemdisp.tlb	0x00150000	0x0015efff	Memory Mapped File	-	-	-
private_0x0000000000180000	0x00180000	0x0027ffff	Private Memory	-	-	-
private_0x0000000000280000	0x00280000	0x002cffff	Private Memory	-	-	-
private_0x0000000000320000	0x00320000	0x0041ffff	Private Memory	-	-	-
pagefile_0x0000000000420000	0x00420000	0x004e7fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000004f0000	0x004f0000	0x005f0fff	Pagefile Backed Memory	-	-	-
private_0x0000000000600000	0x00600000	0x0075ffff	Private Memory	-	-	-
pagefile_0x0000000000600000	0x00600000	0x006defff	Pagefile Backed Memory	-	-	-
private_0x0000000000720000	0x00720000	0x0075ffff	Private Memory	-	-	-
private_0x0000000000780000	0x00780000	0x0087ffff	Private Memory	-	-	-
private_0x0000000000890000	0x00890000	0x0098ffff	Private Memory	-	-	-
private_0x00000000009e0000	0x009e0000	0x00adffff	Private Memory	-	-	-
private_0x0000000000ae0000	0x00ae0000	0x00b3ffff	Private Memory	-	-	-
cscript.exe	0x00b80000	0x00ba1fff	Memory Mapped File	-	-	-
pagefile_0x0000000000bb0000	0x00bb0000	0x017affff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x017b0000	0x01a7efff	Memory Mapped File	-	-	-
pagefile_0x0000000001a80000	0x01a80000	0x01e7ffff	Pagefile Backed Memory	-	-	-
private_0x0000000001f40000	0x01f40000	0x0203ffff	Private Memory	-	-	-
private_0x0000000002040000	0x02040000	0x0213ffff	Private Memory	-	-	-
private_0x0000000002140000	0x02140000	0x022effff	Private Memory	-	-	-
private_0x0000000002150000	0x02150000	0x0224ffff	Private Memory	-	-	-
private_0x00000000022b0000	0x022b0000	0x022effff	Private Memory	-	-	-
private_0x0000000002330000	0x02330000	0x0242ffff	Private Memory	-	-	-
private_0x0000000002500000	0x02500000	0x025fffff	Private Memory	-	-	-
comctl32.dll	0x6cc00000	0x6cc83fff	Memory Mapped File	-	-	-
vbscript.dll	0x6cc90000	0x6ccfafff	Memory Mapped File	-	-	-
wbemdisp.dll	0x6cd30000	0x6cd60fff	Memory Mapped File	-	-	-
scrobj.dll	0x6cd70000	0x6cd9cfff	Memory Mapped File	-	-	-
wshext.dll	0x6cda0000	0x6cdb5fff	Memory Mapped File	-	-	-
msisip.dll	0x6da30000	0x6da37fff	Memory Mapped File	-	-	-
wmiutils.dll	0x70770000	0x70786fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70970000	0x7097efff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x71280000	0x712dbfff	Memory Mapped File	-	-	-
dwmapi.dll	0x731f0000	0x73202fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
version.dll	0x74450000	0x74458fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
sxs.dll	0x74e60000	0x74ebefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x74ef0000	0x74efdfff	Memory Mapped File	-	-	-
msasn1.dll	0x74f70000	0x74f7bfff	Memory Mapped File	-	-	-
crypt32.dll	0x74f80000	0x7509cfff	Memory Mapped File	-	-	-
wintrust.dll	0x750c0000	0x750ecfff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
clbcatq.dll	0x75460000	0x754e2fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
shell32.dll	0x75700000	0x76349fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x948

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:50:03 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10914297	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0xb80000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 132, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 132, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 132, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x75594157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 124, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 124, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 208, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 208, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x763a9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 10914407	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, protection = PAGE_READONLY, maximum_size = 281	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x752a2102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x752a3352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x752a3825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3068316261550961408.vbs, size = 281, size_out = 281	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x763a6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x7636cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x7528ca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x7636c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0x960

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 926512		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 926512		1	Fn

Process #28: cscript.exe

Information	Value
ID	#28
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs
Initial Working Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\
Monitor	Start Time: 00:01:04, Reason: Child Process
Unmonitor	End Time: 00:01:06, Reason: Self Terminated
Monitor Duration	00:00:02

OS Process Information

Information	Value
PID	0x904
Parent PID	0x754 (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 908 0x 94C 0x 95C 0x 7F4 0x 5FC 0x 8AC 0x 158 0x 970

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00040000	0x000a6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000b0000	0x000b0000	0x000b6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c1fff	Pagefile Backed Memory	-	-	-
cscript.exe.mui	0x000d0000	0x000d2fff	Memory Mapped File	-	-	-
private_0x00000000000e0000	0x000e0000	0x000e0fff	Private Memory	-	-	-
private_0x00000000000f0000	0x000f0000	0x000f0fff	Private Memory	-	-	-
rpcss.dll	0x00100000	0x0015bfff	Memory Mapped File	-	-	-
cscript.exe	0x00100000	0x0010bfff	Memory Mapped File	-	-	-
pagefile_0x0000000000110000	0x00110000	0x00110fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000120000	0x00120000	0x00120fff	Pagefile Backed Memory	-	-	-
retrive1625750400979200631.vbs	0x00130000	0x00130fff	Memory Mapped File	-	-	-
private_0x0000000000130000	0x00130000	0x0013ffff	Private Memory	-	-	-
retrive1625750400979200631.vbs	0x00140000	0x00140fff	Memory Mapped File	-	-	-
wbemdisp.tlb	0x00140000	0x0014efff	Memory Mapped File	-	-	-
private_0x0000000000160000	0x00160000	0x0025ffff	Private Memory	-	-	-
pagefile_0x0000000000260000	0x00260000	0x00327fff	Pagefile Backed Memory	-	-	-
private_0x0000000000350000	0x00350000	0x0035ffff	Private Memory	-	-	-
rsaenh.dll	0x00360000	0x0039bfff	Memory Mapped File	-	-	-
private_0x0000000000360000	0x00360000	0x003cffff	Private Memory	-	-	-
private_0x00000000003f0000	0x003f0000	0x004effff	Private Memory	-	-	-
pagefile_0x00000000004f0000	0x004f0000	0x005f0fff	Pagefile Backed Memory	-	-	-
private_0x0000000000600000	0x00600000	0x0069ffff	Private Memory	-	-	-
pagefile_0x00000000006a0000	0x006a0000	0x0077efff	Pagefile Backed Memory	-	-	-
private_0x00000000007c0000	0x007c0000	0x008bffff	Private Memory	-	-	-
private_0x00000000008f0000	0x008f0000	0x009effff	Private Memory	-	-	-
private_0x0000000000a10000	0x00a10000	0x00b0ffff	Private Memory	-	-	-
cscript.exe	0x00b80000	0x00ba1fff	Memory Mapped File	-	-	-
pagefile_0x0000000000bb0000	0x00bb0000	0x017affff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x017b0000	0x01a7efff	Memory Mapped File	-	-	-
pagefile_0x0000000001a80000	0x01a80000	0x01e7ffff	Pagefile Backed Memory	-	-	-
private_0x0000000001e80000	0x01e80000	0x01faffff	Private Memory	-	-	-
private_0x0000000001e80000	0x01e80000	0x01f7ffff	Private Memory	-	-	-
private_0x0000000001fa0000	0x01fa0000	0x01faffff	Private Memory	-	-	-
private_0x0000000001fe0000	0x01fe0000	0x020dffff	Private Memory	-	-	-
private_0x00000000020e0000	0x020e0000	0x0225ffff	Private Memory	-	-	-
private_0x0000000002310000	0x02310000	0x0240ffff	Private Memory	-	-	-
private_0x0000000002440000	0x02440000	0x0253ffff	Private Memory	-	-	-
private_0x0000000002620000	0x02620000	0x0271ffff	Private Memory	-	-	-
comctl32.dll	0x6cc00000	0x6cc83fff	Memory Mapped File	-	-	-
vbscript.dll	0x6cc90000	0x6ccfafff	Memory Mapped File	-	-	-
wbemdisp.dll	0x6cd30000	0x6cd60fff	Memory Mapped File	-	-	-
scrobj.dll	0x6cd70000	0x6cd9cfff	Memory Mapped File	-	-	-
wshext.dll	0x6cda0000	0x6cdb5fff	Memory Mapped File	-	-	-
msisip.dll	0x6da30000	0x6da37fff	Memory Mapped File	-	-	-
wmiutils.dll	0x70770000	0x70786fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70970000	0x7097efff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x71280000	0x712dbfff	Memory Mapped File	-	-	-
dwmapi.dll	0x731f0000	0x73202fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73530000	0x7356ffff	Memory Mapped File	-	-	-
version.dll	0x74450000	0x74458fff	Memory Mapped File	-	-	-
rsaenh.dll	0x74770000	0x747aafff	Memory Mapped File	-	-	-
cryptsp.dll	0x749d0000	0x749e5fff	Memory Mapped File	-	-	-
cryptbase.dll	0x74e50000	0x74e5bfff	Memory Mapped File	-	-	-
sxs.dll	0x74e60000	0x74ebefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x74ef0000	0x74efdfff	Memory Mapped File	-	-	-
msasn1.dll	0x74f70000	0x74f7bfff	Memory Mapped File	-	-	-
crypt32.dll	0x74f80000	0x7509cfff	Memory Mapped File	-	-	-
wintrust.dll	0x750c0000	0x750ecfff	Memory Mapped File	-	-	-
kernelbase.dll	0x75180000	0x751c9fff	Memory Mapped File	-	-	-
imm32.dll	0x75200000	0x7521efff	Memory Mapped File	-	-	-
shlwapi.dll	0x75220000	0x75276fff	Memory Mapped File	-	-	-
advapi32.dll	0x75280000	0x7531ffff	Memory Mapped File	-	-	-
msctf.dll	0x75370000	0x7543bfff	Memory Mapped File	-	-	-
sechost.dll	0x75440000	0x75458fff	Memory Mapped File	-	-	-
clbcatq.dll	0x75460000	0x754e2fff	Memory Mapped File	-	-	-
gdi32.dll	0x754f0000	0x7553dfff	Memory Mapped File	-	-	-
kernel32.dll	0x75540000	0x75613fff	Memory Mapped File	-	-	-
msvcrt.dll	0x75650000	0x756fbfff	Memory Mapped File	-	-	-
shell32.dll	0x75700000	0x76349fff	Memory Mapped File	-	-	-
ole32.dll	0x76360000	0x764bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x764c0000	0x76560fff	Memory Mapped File	-	-	-
usp10.dll	0x76570000	0x7660cfff	Memory Mapped File	-	-	-
nsi.dll	0x76850000	0x76855fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76870000	0x768a4fff	Memory Mapped File	-	-	-
oleaut32.dll	0x76ab0000	0x76b3efff	Memory Mapped File	-	-	-
user32.dll	0x76b40000	0x76c08fff	Memory Mapped File	-	-	-
ntdll.dll	0x76db0000	0x76eebfff	Memory Mapped File	-	-	-
lpk.dll	0x76f50000	0x76f59fff	Memory Mapped File	-	-	-
apisetschema.dll	0x76ff0000	0x76ff0fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x908

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 2018-07-19 09:50:03 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 10914251	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0xb80000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755924c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 84, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 84, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 84, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x75540000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x75594157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 103, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 103, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 160, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 160, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x76360000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x763a9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 10914344	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, protection = PAGE_READONLY, maximum_size = 281	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x752a2102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x752a3352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x752a3825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1625750400979200631.vbs, size = 281, size_out = 281	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x763a6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x7636cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75280000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x7528ca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x7636c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0x95c

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 3482416		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 3482416		1	Fn

Process #30: javaw.exe

5574

Information	Value
ID	#30
File Name	c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe
Command Line	"C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe" -jar "C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm"
Initial Working Directory	C:\Windows\system32\
Monitor	Start Time: 00:01:48, Reason: Autostart
Unmonitor	End Time: 00:05:11, Reason: Terminated by Timeout
Monitor Duration	00:03:23

OS Process Information

Information	Value
PID	0x35c
Parent PID	0x7f4 (c:\windows\explorer.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 378 0x 158 0x 3A0 0x 4DC 0x 4E0 0x 4D4 0x 4C4 0x 4CC 0x 4C0 0x 4BC 0x 5E4 0x 344 0x 318 0x 314 0x 57C 0x 134 0x 4D8 0x 6B0 0x 76C 0x 15C 0x 74C 0x 46C 0x 558 0x 250 0x 4B4 0x 21C 0x 318 0x 340

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
private_0x0000000000020000	0x00020000	0x00020fff	Private Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00042fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
private_0x00000000000c0000	0x000c0000	0x000c0fff	Private Memory	-	-	-
tzres.dll	0x000d0000	0x000d0fff	Memory Mapped File	-	-	-
pagefile_0x00000000000d0000	0x000d0000	0x000d0fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000e0000	0x000e0000	0x000e1fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000f0000	0x000f0000	0x000f6fff	Pagefile Backed Memory	-	-	-
private_0x0000000000100000	0x00100000	0x0014ffff	Private Memory	-	-	-
pagefile_0x0000000000150000	0x00150000	0x00217fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000220000	0x00220000	0x00221fff	Pagefile Backed Memory	-	-	-
private_0x0000000000230000	0x00230000	0x00230fff	Private Memory	-	-	-
private_0x0000000000240000	0x00240000	0x00240fff	Private Memory	-	-	-
860	0x00250000	0x0025ffff	Memory Mapped File	-	-	-
private_0x0000000000260000	0x00260000	0x0028ffff	Private Memory	-	-	-
javaw.exe	0x00290000	0x002befff	Memory Mapped File	-	-	-
pagefile_0x00000000002c0000	0x002c0000	0x003c0fff	Pagefile Backed Memory	-	-	-
private_0x00000000003d0000	0x003d0000	0x0042ffff	Private Memory	-	-	-
private_0x0000000000430000	0x00430000	0x0043ffff	Private Memory	-	-	-
private_0x0000000000440000	0x00440000	0x0044ffff	Private Memory	-	-	-
private_0x0000000000450000	0x00450000	0x0045ffff	Private Memory	-	-	-
private_0x0000000000460000	0x00460000	0x0046ffff	Private Memory	-	-	-
rsaenh.dll	0x00470000	0x004abfff	Memory Mapped File	-	-	-
private_0x00000000004b0000	0x004b0000	0x005affff	Private Memory	-	-	-
pagefile_0x00000000005b0000	0x005b0000	0x011affff	Pagefile Backed Memory	-	-	-
private_0x00000000011b0000	0x011b0000	0x012affff	Private Memory	-	-	-
private_0x00000000011b0000	0x011b0000	0x0125ffff	Private Memory	-	-	-
private_0x00000000011d0000	0x011d0000	0x0121ffff	Private Memory	-	-	-
private_0x0000000001250000	0x01250000	0x0125ffff	Private Memory	-	-	-
private_0x00000000012a0000	0x012a0000	0x012affff	Private Memory	-	-	-
private_0x00000000012b0000	0x012b0000	0x013affff	Private Memory	-	-	-
pagefile_0x00000000013b0000	0x013b0000	0x017a2fff	Pagefile Backed Memory	-	-	-
private_0x00000000017b0000	0x017b0000	0x0189ffff	Private Memory	-	-	-
private_0x00000000017b0000	0x017b0000	0x0182ffff	Private Memory	-	-	-
private_0x0000000001860000	0x01860000	0x0189ffff	Private Memory	-	-	-
private_0x00000000018a0000	0x018a0000	0x0199ffff	Private Memory	-	-	-
private_0x00000000019a0000	0x019a0000	0x0399ffff	Private Memory	-	-	-
private_0x00000000039a0000	0x039a0000	0x03a4ffff	Private Memory	-	-	-
private_0x0000000003a90000	0x03a90000	0x03adffff	Private Memory	-	-	-
private_0x0000000003b10000	0x03b10000	0x03b5ffff	Private Memory	-	-	-
private_0x0000000003b80000	0x03b80000	0x03bcffff	Private Memory	-	-	-
private_0x0000000003c70000	0x03c70000	0x03cbffff	Private Memory	-	-	-
private_0x0000000003ce0000	0x03ce0000	0x03d2ffff	Private Memory	-	-	-
private_0x0000000003d70000	0x03d70000	0x03dbffff	Private Memory	-	-	-
private_0x0000000003e70000	0x03e70000	0x03ebffff	Private Memory	-	-	-
private_0x0000000003f50000	0x03f50000	0x03f9ffff	Private Memory	-	-	-
private_0x0000000003fa0000	0x03fa0000	0x0419ffff	Private Memory	-	-	-
sortdefault.nls	0x041a0000	0x0446efff	Memory Mapped File	-	-	-
private_0x0000000004470000	0x04470000	0x0456ffff	Private Memory	-	-	-
kernelbase.dll.mui	0x04470000	0x0452ffff	Memory Mapped File	-	-	-
private_0x0000000004530000	0x04530000	0x0456ffff	Private Memory	-	-	-
private_0x0000000004570000	0x04570000	0x0468ffff	Private Memory	-	-	-
private_0x00000000045a0000	0x045a0000	0x045effff	Private Memory	-	-	-
private_0x0000000004680000	0x04680000	0x0468ffff	Private Memory	-	-	-
private_0x0000000004690000	0x04690000	0x0476ffff	Private Memory	-	-	-
private_0x0000000004770000	0x04770000	0x048fffff	Private Memory	-	-	-
private_0x0000000004770000	0x04770000	0x0486ffff	Private Memory	-	-	-
private_0x00000000048c0000	0x048c0000	0x048fffff	Private Memory	-	-	-
private_0x0000000004900000	0x04900000	0x04cfffff	Private Memory	-	-	-
private_0x0000000004d00000	0x04d00000	0x054fffff	Private Memory	-	-	-
private_0x00000000236d0000	0x236d0000	0x394cffff	Private Memory	-	-	-
private_0x00000000236d0000	0x236d0000	0x28c1ffff	Private Memory	-	-	-
private_0x0000000028c20000	0x28c20000	0x394cffff	Private Memory	-	-	-
private_0x0000000028c20000	0x28c20000	0x336cffff	Private Memory	-	-	-
private_0x00000000336d0000	0x336d0000	0x394cffff	Private Memory	-	-	-
private_0x00000000336d0000	0x336d0000	0x376cffff	Private Memory	-	-	-
private_0x00000000376d0000	0x376d0000	0x394cffff	Private Memory	-	-	-
private_0x00000000376d0000	0x376d0000	0x380cffff	Private Memory	-	-	-
private_0x00000000376d0000	0x376d0000	0x37b0ffff	Private Memory	-	-	-
classes.jsa	0x376d0000	0x37b0ffff	Memory Mapped File	-	-	-
private_0x0000000037b10000	0x37b10000	0x380cffff	Private Memory	-	-	-
private_0x00000000380d0000	0x380d0000	0x394cffff	Private Memory	-	-	-
private_0x00000000380d0000	0x380d0000	0x38ccffff	Private Memory	-	-	-
private_0x00000000380d0000	0x380d0000	0x3871ffff	Private Memory	-	-	-
classes.jsa	0x380d0000	0x3871ffff	Memory Mapped File	-	-	-
private_0x0000000038720000	0x38720000	0x38ccffff	Private Memory	-	-	-
private_0x0000000038cd0000	0x38cd0000	0x394cffff	Private Memory	-	-	-
private_0x0000000038cd0000	0x38cd0000	0x390cffff	Private Memory	-	-	-
private_0x0000000038cd0000	0x38cd0000	0x38f3ffff	Private Memory	-	-	-
classes.jsa	0x38cd0000	0x38f3ffff	Memory Mapped File	-	-	-
private_0x0000000038f40000	0x38f40000	0x390cffff	Private Memory	-	-	-
private_0x00000000390d0000	0x390d0000	0x394cffff	Private Memory	-	-	-
private_0x00000000390d0000	0x390d0000	0x390dffff	Private Memory	-	-	-
private_0x00000000390e0000	0x390e0000	0x394cffff	Private Memory	-	-	-
awt.dll	0x6fae0000	0x6fc22fff	Memory Mapped File	-	-	-
net.dll	0x6fe40000	0x6fe53fff	Memory Mapped File	-	-	-
sunec.dll	0x6fe60000	0x6fe7ffff	Memory Mapped File	-	-	-
zip.dll	0x6fe80000	0x6fe92fff	Memory Mapped File	-	-	-
java.dll	0x6fea0000	0x6febffff	Memory Mapped File	-	-	-
msvcr100.dll	0x700e0000	0x7019efff	Memory Mapped File	-	-	-
winrnr.dll	0x702b0000	0x702b7fff	Memory Mapped File	-	-	-
pnrpnsp.dll	0x702c0000	0x702d1fff	Memory Mapped File	-	-	-
napinsp.dll	0x702e0000	0x702effff	Memory Mapped File	-	-	-
winmm.dll	0x704a0000	0x704d1fff	Memory Mapped File	-	-	-
rasadhlp.dll	0x719f0000	0x719f5fff	Memory Mapped File	-	-	-
nio.dll	0x71c10000	0x71c1efff	Memory Mapped File	-	-	-
verify.dll	0x71c20000	0x71c2bfff	Memory Mapped File	-	-	-
jvm.dll	0x72880000	0x72bfffff	Memory Mapped File	-	-	-
fwpuclnt.dll	0x73260000	0x73297fff	Memory Mapped File	-	-	-
winnsi.dll	0x73370000	0x73376fff	Memory Mapped File	-	-	-
iphlpapi.dll	0x73380000	0x7339bfff	Memory Mapped File	-	-	-
nlaapi.dll	0x734e0000	0x734effff	Memory Mapped File	-	-	-
wsock32.dll	0x73a30000	0x73a36fff	Memory Mapped File	-	-	-
comctl32.dll	0x74110000	0x742adfff	Memory Mapped File	-	-	-
wshtcpip.dll	0x74710000	0x74714fff	Memory Mapped File	-	-	-
userenv.dll	0x747e0000	0x747f6fff	Memory Mapped File	-	-	-
rsaenh.dll	0x749a0000	0x749dafff	Memory Mapped File	-	-	-
dnsapi.dll	0x74a80000	0x74ac3fff	Memory Mapped File	-	-	-
wship6.dll	0x74bb0000	0x74bb5fff	Memory Mapped File	-	-	-
mswsock.dll	0x74bc0000	0x74bfbfff	Memory Mapped File	-	-	-
cryptsp.dll	0x74c00000	0x74c15fff	Memory Mapped File	-	-	-
cryptbase.dll	0x75080000	0x7508bfff	Memory Mapped File	-	-	-
profapi.dll	0x75130000	0x7513afff	Memory Mapped File	-	-	-
kernelbase.dll	0x753e0000	0x75429fff	Memory Mapped File	-	-	-
shlwapi.dll	0x75480000	0x754d6fff	Memory Mapped File	-	-	-
psapi.dll	0x754e0000	0x754e4fff	Memory Mapped File	-	-	-
sechost.dll	0x754f0000	0x75508fff	Memory Mapped File	-	-	-
oleaut32.dll	0x75510000	0x7559efff	Memory Mapped File	-	-	-
kernel32.dll	0x755a0000	0x75673fff	Memory Mapped File	-	-	-
user32.dll	0x75880000	0x75948fff	Memory Mapped File	-	-	-
usp10.dll	0x75950000	0x759ecfff	Memory Mapped File	-	-	-
ole32.dll	0x75c90000	0x75debfff	Memory Mapped File	-	-	-
advapi32.dll	0x75df0000	0x75e8ffff	Memory Mapped File	-	-	-
gdi32.dll	0x75ec0000	0x75f0dfff	Memory Mapped File	-	-	-
lpk.dll	0x75f10000	0x75f19fff	Memory Mapped File	-	-	-
nsi.dll	0x76100000	0x76105fff	Memory Mapped File	-	-	-
msvcrt.dll	0x76110000	0x761bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x761c0000	0x76260fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76fa0000	0x76fd4fff	Memory Mapped File	-	-	-
ntdll.dll	0x76fe0000	0x7711bfff	Memory Mapped File	-	-	-
imm32.dll	0x77120000	0x7713efff	Memory Mapped File	-	-	-
msctf.dll	0x77140000	0x7720bfff	Memory Mapped File	-	-	-
apisetschema.dll	0x77220000	0x77220fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd4000	0x7ffd4000	0x7ffd4fff	Private Memory	-	-	-
private_0x000000007ffd5000	0x7ffd5000	0x7ffd5fff	Private Memory	-	-	-
private_0x000000007ffd6000	0x7ffd6000	0x7ffd6fff	Private Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-
For performance reasons, the remaining 33 entries are omitted. The remaining entries can be found in flog.txt.

Created Files

Filename	File Size	Hash Values	YARA Match	Actions
C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs	0.27 KB	MD5: a32c109297ed1ca155598cd295c26611 SHA1: dc4a1fdbaad15ddd6fe22d3907c6b03727b71510 SHA256: 45bfe34aa3ef932f75101246eb53d032f5e7cf6d1f5b4e495334955a255f32e7 SSDeep: 6:jpxiFtqvAAT+geD5NaqZxLMTQQQavbx3la2Zp6djsyn:vmtqvAndZFcQU9lrXyjsyn		... File Actions Show Properties Download
C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\860	64.00 KB	MD5: fcd6bcb56c1689fcef28b57c22475bad SHA1: 1adc95bebe9eea8c112d40cd04ab7a8d75c4f961 SHA256: de2f256064a0af797747c2b97505dc0b9f3df0de4f489eac731c23ae9ca9cc31 SSDeep: 3::		... File Actions Show Properties Download

Threads

Thread 0x378

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 1627-02-05 14:07:00 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 23462	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsAlloc, address_out = 0x755f418d	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsGetValue, address_out = 0x755f1e16	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsSetValue, address_out = 0x755f76e6	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsFree, address_out = 0x755f1f61	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Open	filename = STD_ERROR_HANDLE	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, size = 260	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = file_type	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 22, size_out = 22	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 1024, size_out = 1024	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 100, size_out = 100	1	Fn Data
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, size = 260	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, type = file_type	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, size = 4096, size_out = 686	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, size = 4096, size_out = 0	1	Fn
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, size = 260	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\msvcr100.dll, type = file_attributes	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\msvcr100.dll, base_address = 0x700e0000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsAlloc, address_out = 0x755f418d	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsGetValue, address_out = 0x755f1e16	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsSetValue, address_out = 0x755f76e6	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsFree, address_out = 0x755f1f61	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Open	filename = STD_ERROR_HANDLE	1	Fn
Environment	Get Environment String	-	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:02 (UTC)	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\jvm.dll, base_address = 0x72880000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JNI_CreateJavaVM, address_out = 0x72948e70	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JNI_GetDefaultJavaVMInitArgs, address_out = 0x7293e340	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn

Thread 0x158

4654

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Info	type = Hardware Information	1	Fn
System	Get Info	type = Operating System	1	Fn
Environment	Get Environment String	name = _ALT_JAVA_HOME_DIR	1	Fn
Module	Get Filename	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\jvm.dll, size = 260	1	Fn
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, size = 260	1	Fn
System	Get Info	type = Windows Directory, result_out = C:\Windows	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
System	Get Info	type = Windows Directory, result_out = C:\Windows	2	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\verify.dll, base_address = 0x71c20000	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.dll, base_address = 0x6fea0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, address_out = 0x6fea6fcf	1	Fn
Environment	Get Environment String	name = JAVA_TOOL_OPTIONS	1	Fn
Environment	Get Environment String	name = _JAVA_OPTIONS	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\endorsed, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc, type = file_attributes	2	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x75e17a8b	1	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x75e17a8b	1	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x75e17a8b	1	Fn
File	Create Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\860, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_FLAG_DELETE_ON_CLOSE, share_mode = FILE_SHARE_READ, FILE_SHARE_DELETE	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\860, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\860, protection = PAGE_READWRITE, maximum_size = 65536	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\860, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, desired_access = FILE_MAP_ALL_ACCESS	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\zip.dll, base_address = 0x6fe80000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_Open, address_out = 0x6fe83af6	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_Close, address_out = 0x6fe83a1c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_FindEntry, address_out = 0x6fe83661	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_ReadEntry, address_out = 0x6fe83697	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_ReadMappedEntry, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_GetNextEntry, address_out = 0x6fe83622	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = Canonicalize, address_out = 0x6fea5f09	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, type = file_type	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, size = 4096, size_out = 2190	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, size = 4096, size_out = 0	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, type = file_type	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, size = 2416, size_out = 2416	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, protection = PAGE_WRITECOPY, maximum_size = 0	1	Fn
Module	Map	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, desired_access = FILE_MAP_READ	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, protection = PAGE_WRITECOPY, maximum_size = 0	1	Fn
Module	Map	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, desired_access = FILE_MAP_COPY	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, protection = PAGE_WRITECOPY, maximum_size = 0	1	Fn
Module	Map	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, desired_access = FILE_MAP_COPY	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, size = 65536, size_out = 65536	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Object_registerNatives@8, address_out = 0x6fea20dc	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_registerNatives@8, address_out = 0x6fea3035	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_identityHashCode@12, address_out = 0x6fea3050	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Thread_registerNatives@8, address_out = 0x6fea467c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_getStackAccessControlContext@8, address_out = 0x6fea1064	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_getInheritedAccessControlContext@8, address_out = 0x6fea1069	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_registerNatives@8, address_out = 0x6fea1498	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2@12, address_out = 0x6fea1000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	2	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Class_registerNatives@8, address_out = 0x6fea12da	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Class_getPrimitiveClass@12, address_out = 0x6fea1445	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Float_floatToRawIntBits@12, address_out = 0x6fea20cc	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Double_doubleToRawLongBits@16, address_out = 0x6fea1ce8	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_misc_VM_initialize@8, address_out = 0x6fea87ac	1	Fn
Module	Get Handle	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, base_address = 0x72880000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JVM_GetVersionInfo, address_out = 0x7296d980	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_initProperties@12, address_out = 0x6fea3350	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = GetNativeSystemInfo, address_out = 0x755dbe77	1	Fn
System	Get Info	type = Hardware Information	2	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, value_name = Desktop, data = C:\Users\2XC7u663GxWc\Desktop, type = REG_SZ	1	Fn
Module	Get Handle	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, base_address = 0x72880000	1	Fn
Module	Get Filename	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\jvm.dll, size = 260	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = NewStringPlatform, address_out = 0x6fea6cc9	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Runtime_maxMemory@8, address_out = 0x6fea2ca7	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Throwable_fillInStackTrace@12, address_out = 0x6fea4697	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_reflect_Reflection_getCallerClass@8, address_out = 0x6fea7d85	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_String_intern@8, address_out = 0x6fea12d5	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileInputStream_initIDs@8, address_out = 0x6fea1dd1	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileDescriptor_initIDs@8, address_out = 0x6fea1d29	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 7, size_out = 7	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1781193, size_out = 1781193	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 709, size_out = 709	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 277, size_out = 277	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileDescriptor_set@12, address_out = 0x6fea1d6a	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileOutputStream_initIDs@8, address_out = 0x6fea1fbf	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2305, size_out = 2305	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Runtime_freeMemory@8, address_out = 0x6fea2c97	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_setIn0@12, address_out = 0x6fea44d1	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Object_getClass@8, address_out = 0x6fea20f7	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Class_forName0@20, address_out = 0x6fea1300	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1022, size_out = 1022	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_reflect_Reflection_getClassAccessFlags@12, address_out = 0x6fea7da3	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_reflect_NativeConstructorAccessorImpl_newInstance0@16, address_out = 0x6fea7d71	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2882, size_out = 2882	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 104, size_out = 104	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 728, size_out = 728	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 345, size_out = 345	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_setOut0@12, address_out = 0x6fea4507	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_setErr0@12, address_out = 0x6fea453d	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileSystem_getFileSystem@8, address_out = 0x6fea1cfb	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_Win32FileSystem_initIDs@8, address_out = 0x6fea8f36	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_initIDs@8, address_out = 0x6fea9b30	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = GetFinalPathNameByHandleW, address_out = 0x755d4e2a	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_mapLibraryName@12, address_out = 0x6fea4594	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 815, size_out = 815	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_getBooleanAttributes@12, address_out = 0x6feaa1a8	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\zip.dll, type = file_attributes	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_canonicalize0@12, address_out = 0x6fea9e1d	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\zip.dll, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_00024NativeLibrary_load@12, address_out = 0x6fea18e4	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\zip.dll, base_address = 0x6fe80000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _JNI_OnLoad@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = JNI_OnLoad, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_misc_Signal_findSignal@12, address_out = 0x6fea46b5	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_misc_Signal_handle0@20, address_out = 0x6fea46ef	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_io_Win32ErrorMode_setErrorMode@16, address_out = 0x6feac3d5	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Compiler_registerNatives@8, address_out = 0x6fea1b79	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Class_isAssignableFrom@12, address_out = 0x6fea141b	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1105, size_out = 1105	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1761, size_out = 1761	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_concurrent_atomic_AtomicLong_VMSupportsCS8@8, address_out = 0x6fea83ed	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 514, size_out = 514	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 970, size_out = 970	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2589, size_out = 2589	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1008, size_out = 1008	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_00024NativeLibrary_find@12, address_out = 0x6fea1ae7	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_security_AccessController_doPrivileged@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedExceptionAction_2@12, address_out = 0x6fea1032	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, type = file_attributes	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileInputStream_open@12, address_out = 0x6fea1df4	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2004, size_out = 2004	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext, type = file_attributes	2	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 669, size_out = 669	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileInputStream_readBytes@20, address_out = 0x6fea1e2c	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, size = 8192, size_out = 829	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileInputStream_available@8, address_out = 0x6fea1f10	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, type = file_type	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, type = size, size_out = 829	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_reflect_Array_newArray@16, address_out = 0x6fea12ad	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 962, size_out = 962	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 934, size_out = 934	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1720, size_out = 1720	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1012, size_out = 1012	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Runtime_availableProcessors@8, address_out = 0x6fea2d11	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3028, size_out = 3028	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1111, size_out = 1111	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2976, size_out = 2976	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 672, size_out = 672	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1189, size_out = 1189	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2646, size_out = 2646	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, size = 8192, size_out = 0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileInputStream_close0@8, address_out = 0x6fea1fa6	1	Fn
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext\meta-index, type = file_attributes	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_list@12, address_out = 0x6feaa570	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\access-bridge.jar, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\access-bridge.jar, type = file_attributes	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 966, size_out = 966	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 800, size_out = 800	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_canonicalizeWithPrefix0@16, address_out = 0x6fea9f47	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\dnsns.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\jaccess.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\localedata.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunpkcs11.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\zipfs.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext, type = file_attributes	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1280, size_out = 1280	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 609, size_out = 609	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 628, size_out = 628	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 328, size_out = 328	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 327, size_out = 327	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = file_attributes	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	4	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\management\usagetracker.properties, type = file_attributes	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Handle	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, base_address = 0x72880000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JVM_FindClassFromBootLoader, address_out = 0x72975a90	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 12212, size_out = 12212	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_initIDs@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_initIDs@8, address_out = 0x6fe8190b	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 748, size_out = 748	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 6630, size_out = 6630	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3392, size_out = 3392	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_getLastModifiedTime@12, address_out = 0x6feaa314	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = time	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_open@28, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_open@28, address_out = 0x6fe81960	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30105, size_out = 30105	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2563, size_out = 2563	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 476, size_out = 476	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2703, size_out = 2703	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 753, size_out = 753	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3690, size_out = 3690	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3361, size_out = 3361	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getTotal@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getTotal@16, address_out = 0x6fe81a47	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_startsWithLOC@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_startsWithLOC@16, address_out = 0x6fe81a51	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3599, size_out = 3599	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntry@24, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntry@24, address_out = 0x6fe81a67	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryFlag@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryFlag@16, address_out = 0x6fe81b65	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryTime@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryTime@16, address_out = 0x6fe81b97	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryCrc@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryCrc@16, address_out = 0x6fe81ba3	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntrySize@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntrySize@16, address_out = 0x6fe81b8a	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryCSize@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryCSize@16, address_out = 0x6fe81b6f	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryMethod@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryMethod@16, address_out = 0x6fe81b4f	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryBytes@20, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryBytes@20, address_out = 0x6fe81bed	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_freeEntry@24, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_freeEntry@24, address_out = 0x6fe81b2c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_Inflater_initIDs@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_Inflater_initIDs@8, address_out = 0x6fe81583	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 260, size_out = 260	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_Inflater_init@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_Inflater_init@12, address_out = 0x6fe8160b	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1899, size_out = 1899	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 678, size_out = 678	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_Inflater_inflateBytes@28, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_Inflater_inflateBytes@28, address_out = 0x6fe816f2	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_read@44, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_read@44, address_out = 0x6fe81cba	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 100, size_out = 100	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_Inflater_reset@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_Inflater_reset@16, address_out = 0x6fe818c5	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1909, size_out = 1909	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 670, size_out = 670	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_Inflater_end@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_Inflater_end@16, address_out = 0x6fe818e1	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_close@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_close@16, address_out = 0x6fe81a5b	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_findLoadedClass0@12, address_out = 0x6fea1876	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_findBootstrapClass@12, address_out = 0x6fea17e7	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_security_AccessController_doPrivileged@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedExceptionAction_2Ljava_security_AccessControlContext_2@16, address_out = 0x6fea104a	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 762, size_out = 762	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\access-bridge.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\dnsns.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\jaccess.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\localedata.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunpkcs11.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\zipfs.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30105, size_out = 30105	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 100, size_out = 100	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 100, size_out = 100	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Package_getSystemPackage0@12, address_out = 0x6fea269c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_jar_JarFile_getMetaInfEntryNames@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_jar_JarFile_getMetaInfEntryNames@8, address_out = 0x6fe81da5	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 100, size_out = 100	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 391, size_out = 391	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_defineClass1@32, address_out = 0x6fea150c	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 452, size_out = 452	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 536, size_out = 536	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 521, size_out = 521	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 491, size_out = 491	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 506, size_out = 506	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 515, size_out = 515	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 361, size_out = 361	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 331, size_out = 331	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 675, size_out = 675	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 451, size_out = 451	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 355, size_out = 355	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 299, size_out = 299	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 474, size_out = 474	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 655, size_out = 655	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 303, size_out = 303	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 335, size_out = 335	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 418, size_out = 418	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 430, size_out = 430	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 453, size_out = 453	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 555, size_out = 555	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 408, size_out = 408	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 477, size_out = 477	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 562, size_out = 562	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 394, size_out = 394	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 477, size_out = 477	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 462, size_out = 462	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 371, size_out = 371	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 231, size_out = 231	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 496, size_out = 496	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 691, size_out = 691	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 509, size_out = 509	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 580, size_out = 580	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 391, size_out = 391	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 496, size_out = 496	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 348, size_out = 348	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 331, size_out = 331	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 802, size_out = 802	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1127, size_out = 1127	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib, type = file_attributes	2	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, size = 8192, size_out = 2190	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, type = file_type	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, type = size, size_out = 2190	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, size = 8192, size_out = 0	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\classes, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\meta-index, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\sunrsasign.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\charsets.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jfr.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:05 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\classes, type = file_attributes	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\classes, type = file_attributes	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_security_AccessController_doPrivileged@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2Ljava_security_AccessControlContext_2@16, address_out = 0x6fea1018	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 329, size_out = 329	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 383, size_out = 383	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, type = time	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 332, size_out = 332	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 348, size_out = 348	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 461, size_out = 461	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 570, size_out = 570	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 5504, size_out = 5504	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 582, size_out = 582	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 535, size_out = 535	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 678, size_out = 678	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 315, size_out = 315	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 6708, size_out = 6708	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 4096, size_out = 4096	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 1693, size_out = 1693	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 1351, size_out = 1351	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1358, size_out = 1358	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, size = 8192, size_out = 8192	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, size = 8192, size_out = 1440	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, type = file_type	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, type = size, size_out = 17824	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, size = 8192, size_out = 0	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2345, size_out = 2345	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 7, size_out = 7	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 13694, size_out = 13694	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1056, size_out = 1056	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Double_longBitsToDouble@16, address_out = 0x6fea1cd0	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3940, size_out = 3940	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5672, size_out = 5672	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 844, size_out = 844	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1453, size_out = 1453	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 803, size_out = 803	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2601, size_out = 2601	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1240, size_out = 1240	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 590, size_out = 590	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 525, size_out = 525	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2666, size_out = 2666	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 314, size_out = 314	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 951, size_out = 951	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 10594, size_out = 10594	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3882, size_out = 3882	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3549, size_out = 3549	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1381, size_out = 1381	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 8211, size_out = 8211	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1075, size_out = 1075	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3695, size_out = 3695	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2117, size_out = 2117	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 346, size_out = 346	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 576, size_out = 576	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 24203, size_out = 24203	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 13092, size_out = 13092	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 623, size_out = 623	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3174, size_out = 3174	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2257, size_out = 2257	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1621, size_out = 1621	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2563, size_out = 2563	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2395, size_out = 2395	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 14258, size_out = 14258	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 853, size_out = 853	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 967, size_out = 967	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3914, size_out = 3914	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5828, size_out = 5828	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 12814, size_out = 12814	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4077, size_out = 4077	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2399, size_out = 2399	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2181, size_out = 2181	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 308, size_out = 308	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 381, size_out = 381	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 78, size_out = 78	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4556, size_out = 4556	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 6732, size_out = 6732	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 732, size_out = 732	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 454, size_out = 454	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 457, size_out = 457	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 973, size_out = 973	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 310, size_out = 310	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2812, size_out = 2812	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 278, size_out = 278	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 131, size_out = 131	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3431, size_out = 3431	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 382, size_out = 382	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 281, size_out = 281	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5929, size_out = 5929	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 6713, size_out = 6713	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3217, size_out = 3217	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 265, size_out = 265	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 6705, size_out = 6705	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3395, size_out = 3395	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1337, size_out = 1337	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5120, size_out = 5120	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 374, size_out = 374	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1663, size_out = 1663	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4945, size_out = 4945	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2801, size_out = 2801	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2263, size_out = 2263	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4843, size_out = 4843	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2266, size_out = 2266	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3589, size_out = 3589	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3217, size_out = 3217	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2498, size_out = 2498	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2363, size_out = 2363	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 631, size_out = 631	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 866, size_out = 866	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 282, size_out = 282	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3850, size_out = 3850	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 591, size_out = 591	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 907, size_out = 907	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3908, size_out = 3908	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 8490, size_out = 8490	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 444, size_out = 444	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1731, size_out = 1731	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4645, size_out = 4645	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 11624, size_out = 11624	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 915, size_out = 915	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:06 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 390, size_out = 390	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\x86\sunec.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\sunec.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:06 (UTC)	2	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\sunec.dll, base_address = 0x6fe60000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\sunec.dll, function = _JNI_OnLoad@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\sunec.dll, function = JNI_OnLoad, address_out = 0x0	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1434, size_out = 1434	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 454, size_out = 454	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 5439, size_out = 5439	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 619, size_out = 619	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 10470, size_out = 10470	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 3596, size_out = 3596	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 3529, size_out = 3529	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 735, size_out = 735	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:06 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4170, size_out = 4170	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 817, size_out = 817	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 331, size_out = 331	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2357, size_out = 2357	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 187, size_out = 187	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 3665, size_out = 3665	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 3856, size_out = 3856	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 333, size_out = 333	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = time	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = time	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\local_policy.jar, type = file_attributes	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 2915, size_out = 2915	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 4, size_out = 4	1	Fn Data
For performance reasons, the remaining 3472 entries are omitted. The remaining entries can be found in glog.xml.

Thread 0x3a0

128

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:06 (UTC)	5	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:07 (UTC)	5	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	5	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:09 (UTC)	5	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:10 (UTC)	3	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:38 (UTC)	44	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:01 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:24 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:47 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:03 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:11 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:34 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:57 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:59 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:00 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:20 (UTC)	9	Fn

Thread 0x4dc

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x4e0

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ref_Finalizer_invokeFinalizeMethod@12, address_out = 0x6fea207c	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:38 (UTC)	41	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ProcessImpl_closeHandle@16, address_out = 0x6fea8e8b	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:01 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:24 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:47 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:11 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:34 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:57 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:20 (UTC)	7	Fn

Thread 0x4d4

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x4c4

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x4cc

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn
Mutex	Create	-		1	Fn

Thread 0x4c0

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x4bc

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:09 (UTC)		1	Fn

Thread 0x344

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x318

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x314

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x6fb72210	1	Fn
Module	Load	module_name = COMCTL32.dll, base_address = 0x74110000	1	Fn
Module	Get Address	module_name = c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll, function = InitCommonControlsEx, address_out = 0x741309ce	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = LoadIconW, address_out = 0x7588f142	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = RegisterClassW, address_out = 0x7588ed4a	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = GetDC, address_out = 0x7589544c	1	Fn
Module	Load	module_name = GDI32.dll, base_address = 0x75ec0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\gdi32.dll, function = GetDeviceCaps, address_out = 0x75ec6f7f	2	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = ReleaseDC, address_out = 0x75895421	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = CreateWindowExW, address_out = 0x7588ec7c	1	Fn
Window	Create	window_name = theAwtToolkitWindow, class_name = SunAwtToolkit, wndproc_parameter = 0	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = DefWindowProcW, address_out = 0x7589507d	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = SetWindowsHookExW, address_out = 0x7588e30c	1	Fn
System	Register Hook	type = WH_GETMESSAGE, hookproc_address = 0x6fb71da0	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x75c90000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = OleInitialize, address_out = 0x75caefd7	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 569, size_out = 569	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 333, size_out = 333	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_sun_awt_windows_WToolkit_eventLoop@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_sun_awt_windows_WToolkit_eventLoop@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_sun_awt_windows_WToolkit_eventLoop@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_sun_awt_windows_WToolkit_eventLoop@8, address_out = 0x6fb71290	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = WaitMessage, address_out = 0x758966bd	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PeekMessageW, address_out = 0x7589634a	1	Fn

Thread 0x57c

268

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 160, size_out = 160	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:09 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 706, size_out = 706	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\zoIZCxYZMIr.EAMkwm, size = 3, size_out = 3	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:09 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 448, size_out = 448	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4013, size_out = 4013	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1566, size_out = 1566	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 402, size_out = 402	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1366, size_out = 1366	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 9311, size_out = 9311	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3572, size_out = 3572	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1619, size_out = 1619	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2404, size_out = 2404	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3013, size_out = 3013	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1708, size_out = 1708	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2879, size_out = 2879	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1285, size_out = 1285	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1398, size_out = 1398	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1090, size_out = 1090	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:09 (UTC)	2	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3789, size_out = 3789	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 436, size_out = 436	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 792, size_out = 792	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 384, size_out = 384	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 78, size_out = 78	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1217, size_out = 1217	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 480, size_out = 480	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 622, size_out = 622	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 76, size_out = 76	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 527, size_out = 527	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 4051, size_out = 4051	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 7991, size_out = 7991	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 704, size_out = 704	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 8401, size_out = 8401	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2096, size_out = 2096	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2691, size_out = 2691	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1111, size_out = 1111	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, os_pid = 0x558, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Read	size = 8192, size_out = 108	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
Process	Terminate	exit_code = 1	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Write	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, size = 281	1	Fn Data
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, os_pid = 0x42c, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, size = 8192, size_out = 108	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, size = 8192, size_out = 0	1	Fn
Process	Terminate	exit_code = 1	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, type = file_attributes	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1396, size_out = 1396	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 582, size_out = 582	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 46400, size_out = 46400	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 263, size_out = 263	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 357, size_out = 357	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5472, size_out = 5472	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3241, size_out = 3241	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 784, size_out = 784	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1886, size_out = 1886	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5529, size_out = 5529	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:10 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:10 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1188, size_out = 1188	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 213, size_out = 213	1	Fn Data
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetFriendlyIfIndex, address_out = 0x7338d855	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetIpAddrTable, address_out = 0x73389bb0	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetAdaptersAddresses, address_out = 0x73386a4d	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 878, size_out = 878	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 7520, size_out = 7520	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 8446, size_out = 8446	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\management.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:10 (UTC)	2	Fn
Module	Get Address	module_name = Unknown module name, function = _JNI_OnLoad@8, address_out = 0x738e2194	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5830, size_out = 5830	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1929, size_out = 1929	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 519, size_out = 519	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 855, size_out = 855	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 413, size_out = 413	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 300, size_out = 300	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 152, size_out = 152	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1206, size_out = 1206	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 7192, size_out = 7192	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 536, size_out = 536	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 22580, size_out = 22580	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 325, size_out = 325	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2388, size_out = 2388	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1746, size_out = 1746	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 845, size_out = 845	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 14934, size_out = 14934	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 322, size_out = 322	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1032, size_out = 1032	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 773, size_out = 773	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 122, size_out = 122	1	Fn Data
File	Get Info	type = time	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\ID.txt, type = file_attributes	1	Fn
File	Read	size = 8192, size_out = 47	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Get Info	type = size, size_out = 47	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\cqsFQOTqbmg\nccJQMiokAP, type = file_attributes	4	Fn

Thread 0x134

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	2	Fn
System	Sleep	duration = 2000 milliseconds (2.000 seconds)	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:40 (UTC)	2	Fn
System	Sleep	duration = 2000 milliseconds (2.000 seconds)	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:03 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:26 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:50 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:13 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:36 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:59 (UTC)	2	Fn

Thread 0x4d8

282

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 26461, size_out = 26461	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 4540, size_out = 4540	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1995, size_out = 1995	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1261, size_out = 1261	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4115, size_out = 4115	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2598, size_out = 2598	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 11029, size_out = 11029	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 296, size_out = 296	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1028, size_out = 1028	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 17440, size_out = 17440	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3033, size_out = 3033	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 861, size_out = 861	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2660, size_out = 2660	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1444, size_out = 1444	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1192, size_out = 1192	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 7071, size_out = 7071	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2038, size_out = 2038	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2049, size_out = 2049	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1627, size_out = 1627	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 8760, size_out = 8760	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3164, size_out = 3164	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2552, size_out = 2552	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1600, size_out = 1600	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 109, size_out = 109	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 235, size_out = 235	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 2863, size_out = 2863	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 443, size_out = 443	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 837, size_out = 837	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 3196, size_out = 3196	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1262, size_out = 1262	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 590, size_out = 590	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 525, size_out = 525	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 590, size_out = 590	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 525, size_out = 525	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1812, size_out = 1812	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 240, size_out = 240	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1434, size_out = 1434	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 2863, size_out = 2863	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 242, size_out = 242	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 390, size_out = 390	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 242, size_out = 242	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1989, size_out = 1989	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 837, size_out = 837	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 734, size_out = 734	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 235, size_out = 235	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	2	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5122, size_out = 5122	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 285, size_out = 285	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 889, size_out = 889	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3271, size_out = 3271	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 496, size_out = 496	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1812, size_out = 1812	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 302, size_out = 302	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 23927, size_out = 23927	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1227, size_out = 1227	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 761, size_out = 761	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 107, size_out = 107	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2146, size_out = 2146	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 975, size_out = 975	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2114, size_out = 2114	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3293, size_out = 3293	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 634, size_out = 634	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 725, size_out = 725	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 859, size_out = 859	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 745, size_out = 745	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1326, size_out = 1326	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4319, size_out = 4319	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 595, size_out = 595	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 626, size_out = 626	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 763, size_out = 763	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = time	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 2191, size_out = 2191	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 103, size_out = 103	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 913, size_out = 913	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 852, size_out = 852	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 1319, size_out = 1319	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 103, size_out = 103	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 1269, size_out = 1269	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 404, size_out = 404	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\x86\sunmscapi.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\sunmscapi.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	2	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1399, size_out = 1399	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3618, size_out = 3618	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1507, size_out = 1507	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 8099, size_out = 8099	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 964, size_out = 964	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1312, size_out = 1312	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 5799, size_out = 5799	1	Fn Data
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 686, size_out = 686	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\net.properties, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	1	Fn
File	Read	size = 8192, size_out = 3070	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Get Info	type = size, size_out = 3070	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3605, size_out = 3605	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 331, size_out = 331	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 278, size_out = 278	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_net_DualStackPlainSocketImpl_close0@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_net_DualStackPlainSocketImpl_close0@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_java_net_DualStackPlainSocketImpl_close0@12, address_out = 0x6fe499e3	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Runtime_gc@8, address_out = 0x6fea2caf	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:38 (UTC)	1	Fn

Thread 0x6b0

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:01 (UTC)	1	Fn

Thread 0x76c

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x15c

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x74c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:24 (UTC)	1	Fn

Thread 0x46c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:47 (UTC)	1	Fn

Thread 0x558

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x250

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:11 (UTC)	1	Fn

Thread 0x4b4

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:03 (UTC)		2	Fn

Thread 0x21c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:34 (UTC)	1	Fn

Thread 0x318

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:57 (UTC)	1	Fn

Thread 0x340

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:20 (UTC)	1	Fn

Process #31: java.exe

3856

125

Information	Value
ID	#31
File Name	c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe
Command Line	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.exe -jar C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class
Initial Working Directory	C:\Windows\system32\
Monitor	Start Time: 00:02:01, Reason: Child Process
Unmonitor	End Time: 00:05:11, Reason: Terminated by Timeout
Monitor Duration	00:03:10

OS Process Information

Information	Value
PID	0x290
Parent PID	0x35c (c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 268 0x 2B0 0x 350 0x 338 0x 334 0x 660 0x 348 0x 628 0x 32C 0x 4A4 0x 330 0x 79C 0x 5B0 0x 78C 0x 6AC 0x 6E4 0x 74C 0x 274 0x 768 0x 564 0x 784 0x 46C 0x 57C 0x 774 0x 188 0x 318 0x 230 0x 5D8 0x 30C 0x 574 0x 624 0x 718 0x 7A0 0x 274 0x 7AC 0x 7A8 0x 768 0x 64 0x 564 0x 154 0x 784 0x 57C 0x 174 0x 7A4 0x 6AC 0x 180 0x 718 0x 500 0x 228 0x 6D8 0x 2D8 0x 218 0x 64 0x 728 0x 340 0x 638 0x 790 0x 6AC 0x 180 0x 658 0x 718 0x 66C 0x 46C 0x 76C 0x 228 0x 6D8 0x 244 0x 210 0x 260 0x 64 0x 70C 0x 71C 0x 4B4 0x B0 0x 124 0x 638 0x 778 0x 740 0x 690 0x 768

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
private_0x0000000000040000	0x00040000	0x0008ffff	Private Memory	-	-	-
pagefile_0x0000000000090000	0x00090000	0x00092fff	Pagefile Backed Memory	-	-	-
locale.nls	0x000a0000	0x00106fff	Memory Mapped File	-	-	-
private_0x0000000000110000	0x00110000	0x00110fff	Private Memory	-	-	-
private_0x0000000000120000	0x00120000	0x00120fff	Private Memory	-	-	-
tzres.dll	0x00130000	0x00130fff	Memory Mapped File	-	-	-
pagefile_0x0000000000130000	0x00130000	0x00130fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000140000	0x00140000	0x00141fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000150000	0x00150000	0x00156fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000160000	0x00160000	0x00161fff	Pagefile Backed Memory	-	-	-
private_0x0000000000170000	0x00170000	0x00170fff	Private Memory	-	-	-
private_0x0000000000180000	0x00180000	0x0027ffff	Private Memory	-	-	-
pagefile_0x0000000000280000	0x00280000	0x00347fff	Pagefile Backed Memory	-	-	-
private_0x0000000000350000	0x00350000	0x00350fff	Private Memory	-	-	-
656	0x00360000	0x0036ffff	Memory Mapped File	rw		... Region Actions Download Dump
private_0x0000000000370000	0x00370000	0x0039ffff	Private Memory	-	-	-
private_0x00000000003a0000	0x003a0000	0x003affff	Private Memory	-	-	-
private_0x00000000003b0000	0x003b0000	0x003bffff	Private Memory	-	-	-
private_0x00000000003c0000	0x003c0000	0x003cffff	Private Memory	-	-	-
pagefile_0x00000000003d0000	0x003d0000	0x004d0fff	Pagefile Backed Memory	-	-	-
private_0x00000000004e0000	0x004e0000	0x005bffff	Private Memory	-	-	-
private_0x00000000004e0000	0x004e0000	0x0055ffff	Private Memory	-	-	-
private_0x0000000000560000	0x00560000	0x0059ffff	Private Memory	-	-	-
private_0x00000000005b0000	0x005b0000	0x005bffff	Private Memory	-	-	-
private_0x00000000005c0000	0x005c0000	0x006bffff	Private Memory	-	-	-
pagefile_0x00000000006c0000	0x006c0000	0x00ab2fff	Pagefile Backed Memory	-	-	-
java.exe	0x00af0000	0x00b1efff	Memory Mapped File	-	-	-
pagefile_0x0000000000b20000	0x00b20000	0x0171ffff	Pagefile Backed Memory	-	-	-
private_0x0000000001720000	0x01720000	0x0190ffff	Private Memory	-	-	-
private_0x0000000001740000	0x01740000	0x0178ffff	Private Memory	-	-	-
private_0x0000000001790000	0x01790000	0x0188ffff	Private Memory	-	-	-
private_0x0000000001890000	0x01890000	0x018effff	Private Memory	-	-	-
private_0x0000000001900000	0x01900000	0x0190ffff	Private Memory	-	-	-
private_0x0000000001910000	0x01910000	0x01b1ffff	Private Memory	-	-	-
private_0x0000000001910000	0x01910000	0x019bffff	Private Memory	-	-	-
private_0x00000000019c0000	0x019c0000	0x019fffff	Private Memory	-	-	-
rsaenh.dll	0x01a00000	0x01a3bfff	Memory Mapped File	-	-	-
private_0x0000000001a50000	0x01a50000	0x01a9ffff	Private Memory	-	-	-
private_0x0000000001ae0000	0x01ae0000	0x01b1ffff	Private Memory	-	-	-
private_0x0000000001b20000	0x01b20000	0x03b1ffff	Private Memory	-	-	-
private_0x0000000003b60000	0x03b60000	0x03baffff	Private Memory	-	-	-
private_0x0000000003bb0000	0x03bb0000	0x03bfffff	Private Memory	-	-	-
private_0x0000000003c90000	0x03c90000	0x03cdffff	Private Memory	-	-	-
private_0x0000000003d30000	0x03d30000	0x03d7ffff	Private Memory	-	-	-
private_0x0000000003dd0000	0x03dd0000	0x03e1ffff	Private Memory	-	-	-
private_0x0000000003e90000	0x03e90000	0x03edffff	Private Memory	-	-	-
private_0x0000000003f00000	0x03f00000	0x03f4ffff	Private Memory	-	-	-
private_0x0000000003f80000	0x03f80000	0x03fcffff	Private Memory	-	-	-
private_0x0000000003fd0000	0x03fd0000	0x041cffff	Private Memory	-	-	-
sortdefault.nls	0x041d0000	0x0449efff	Memory Mapped File	-	-	-
private_0x00000000044a0000	0x044a0000	0x0469ffff	Private Memory	-	-	-
private_0x00000000044a0000	0x044a0000	0x045cffff	Private Memory	-	-	-
private_0x00000000044a0000	0x044a0000	0x0459ffff	Private Memory	-	-	-
private_0x00000000045c0000	0x045c0000	0x045cffff	Private Memory	-	-	-
private_0x0000000004660000	0x04660000	0x0469ffff	Private Memory	-	-	-
private_0x00000000046a0000	0x046a0000	0x0483ffff	Private Memory	-	-	-
kernelbase.dll.mui	0x046a0000	0x0475ffff	Memory Mapped File	-	-	-
private_0x0000000004780000	0x04780000	0x047cffff	Private Memory	-	-	-
private_0x0000000004800000	0x04800000	0x0483ffff	Private Memory	-	-	-
private_0x00000000236d0000	0x236d0000	0x394cffff	Private Memory	-	-	-
private_0x00000000236d0000	0x236d0000	0x28c1ffff	Private Memory	-	-	-
private_0x0000000028c20000	0x28c20000	0x394cffff	Private Memory	-	-	-
private_0x0000000028c20000	0x28c20000	0x336cffff	Private Memory	-	-	-
private_0x00000000336d0000	0x336d0000	0x394cffff	Private Memory	-	-	-
private_0x00000000336d0000	0x336d0000	0x376cffff	Private Memory	-	-	-
private_0x00000000376d0000	0x376d0000	0x394cffff	Private Memory	-	-	-
private_0x00000000376d0000	0x376d0000	0x380cffff	Private Memory	-	-	-
private_0x00000000376d0000	0x376d0000	0x37b0ffff	Private Memory	-	-	-
classes.jsa	0x376d0000	0x37b0ffff	Memory Mapped File	-	-	-
private_0x0000000037b10000	0x37b10000	0x380cffff	Private Memory	-	-	-
private_0x00000000380d0000	0x380d0000	0x394cffff	Private Memory	-	-	-
private_0x00000000380d0000	0x380d0000	0x38ccffff	Private Memory	-	-	-
private_0x00000000380d0000	0x380d0000	0x3871ffff	Private Memory	-	-	-
classes.jsa	0x380d0000	0x3871ffff	Memory Mapped File	-	-	-
private_0x0000000038720000	0x38720000	0x38ccffff	Private Memory	-	-	-
private_0x0000000038cd0000	0x38cd0000	0x394cffff	Private Memory	-	-	-
private_0x0000000038cd0000	0x38cd0000	0x390cffff	Private Memory	-	-	-
private_0x0000000038cd0000	0x38cd0000	0x38f3ffff	Private Memory	-	-	-
classes.jsa	0x38cd0000	0x38f3ffff	Memory Mapped File	-	-	-
private_0x0000000038f40000	0x38f40000	0x390cffff	Private Memory	-	-	-
private_0x00000000390d0000	0x390d0000	0x394cffff	Private Memory	-	-	-
private_0x00000000390d0000	0x390d0000	0x390dffff	Private Memory	-	-	-
private_0x00000000390e0000	0x390e0000	0x394cffff	Private Memory	-	-	-
awt.dll	0x6fae0000	0x6fc22fff	Memory Mapped File	-	-	-
net.dll	0x6fe40000	0x6fe53fff	Memory Mapped File	-	-	-
sunec.dll	0x6fe60000	0x6fe7ffff	Memory Mapped File	-	-	-
zip.dll	0x6fe80000	0x6fe92fff	Memory Mapped File	-	-	-
java.dll	0x6fea0000	0x6febffff	Memory Mapped File	-	-	-
msvcr100.dll	0x700e0000	0x7019efff	Memory Mapped File	-	-	-
winrnr.dll	0x702b0000	0x702b7fff	Memory Mapped File	-	-	-
pnrpnsp.dll	0x702c0000	0x702d1fff	Memory Mapped File	-	-	-
napinsp.dll	0x702e0000	0x702effff	Memory Mapped File	-	-	-
winmm.dll	0x704a0000	0x704d1fff	Memory Mapped File	-	-	-
rasadhlp.dll	0x719f0000	0x719f5fff	Memory Mapped File	-	-	-
nio.dll	0x71c10000	0x71c1efff	Memory Mapped File	-	-	-
verify.dll	0x71c20000	0x71c2bfff	Memory Mapped File	-	-	-
jvm.dll	0x72880000	0x72bfffff	Memory Mapped File	-	-	-
fwpuclnt.dll	0x73260000	0x73297fff	Memory Mapped File	-	-	-
winnsi.dll	0x73370000	0x73376fff	Memory Mapped File	-	-	-
iphlpapi.dll	0x73380000	0x7339bfff	Memory Mapped File	-	-	-
nlaapi.dll	0x734e0000	0x734effff	Memory Mapped File	-	-	-
wsock32.dll	0x73a30000	0x73a36fff	Memory Mapped File	-	-	-
comctl32.dll	0x74110000	0x742adfff	Memory Mapped File	-	-	-
wshtcpip.dll	0x74710000	0x74714fff	Memory Mapped File	-	-	-
userenv.dll	0x747e0000	0x747f6fff	Memory Mapped File	-	-	-
rsaenh.dll	0x749a0000	0x749dafff	Memory Mapped File	-	-	-
dnsapi.dll	0x74a80000	0x74ac3fff	Memory Mapped File	-	-	-
wship6.dll	0x74bb0000	0x74bb5fff	Memory Mapped File	-	-	-
mswsock.dll	0x74bc0000	0x74bfbfff	Memory Mapped File	-	-	-
cryptsp.dll	0x74c00000	0x74c15fff	Memory Mapped File	-	-	-
cryptbase.dll	0x75080000	0x7508bfff	Memory Mapped File	-	-	-
profapi.dll	0x75130000	0x7513afff	Memory Mapped File	-	-	-
kernelbase.dll	0x753e0000	0x75429fff	Memory Mapped File	-	-	-
shlwapi.dll	0x75480000	0x754d6fff	Memory Mapped File	-	-	-
psapi.dll	0x754e0000	0x754e4fff	Memory Mapped File	-	-	-
sechost.dll	0x754f0000	0x75508fff	Memory Mapped File	-	-	-
oleaut32.dll	0x75510000	0x7559efff	Memory Mapped File	-	-	-
kernel32.dll	0x755a0000	0x75673fff	Memory Mapped File	-	-	-
user32.dll	0x75880000	0x75948fff	Memory Mapped File	-	-	-
usp10.dll	0x75950000	0x759ecfff	Memory Mapped File	-	-	-
ole32.dll	0x75c90000	0x75debfff	Memory Mapped File	-	-	-
advapi32.dll	0x75df0000	0x75e8ffff	Memory Mapped File	-	-	-
gdi32.dll	0x75ec0000	0x75f0dfff	Memory Mapped File	-	-	-
lpk.dll	0x75f10000	0x75f19fff	Memory Mapped File	-	-	-
nsi.dll	0x76100000	0x76105fff	Memory Mapped File	-	-	-
msvcrt.dll	0x76110000	0x761bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x761c0000	0x76260fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76fa0000	0x76fd4fff	Memory Mapped File	-	-	-
ntdll.dll	0x76fe0000	0x7711bfff	Memory Mapped File	-	-	-
imm32.dll	0x77120000	0x7713efff	Memory Mapped File	-	-	-
msctf.dll	0x77140000	0x7720bfff	Memory Mapped File	-	-	-
apisetschema.dll	0x77220000	0x77220fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd4000	0x7ffd4000	0x7ffd4fff	Private Memory	-	-	-
private_0x000000007ffd5000	0x7ffd5000	0x7ffd5fff	Private Memory	-	-	-
private_0x000000007ffd6000	0x7ffd6000	0x7ffd6fff	Private Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-
For performance reasons, the remaining 62 entries are omitted. The remaining entries can be found in flog.txt.

Created Files

Filename	File Size	Hash Values	YARA Match	Actions
C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive4432003530389164433.vbs	0.27 KB	MD5: a32c109297ed1ca155598cd295c26611 SHA1: dc4a1fdbaad15ddd6fe22d3907c6b03727b71510 SHA256: 45bfe34aa3ef932f75101246eb53d032f5e7cf6d1f5b4e495334955a255f32e7 SSDeep: 6:jpxiFtqvAAT+geD5NaqZxLMTQQQavbx3la2Zp6djsyn:vmtqvAndZFcQU9lrXyjsyn		... File Actions Show Properties Download
C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\860	64.00 KB	MD5: fcd6bcb56c1689fcef28b57c22475bad SHA1: 1adc95bebe9eea8c112d40cd04ab7a8d75c4f961 SHA256: de2f256064a0af797747c2b97505dc0b9f3df0de4f489eac731c23ae9ca9cc31 SSDeep: 3::		... File Actions Show Properties Download

Threads

Thread 0x268

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 1627-02-05 14:07:07 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 30295	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsAlloc, address_out = 0x755f418d	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsGetValue, address_out = 0x755f1e16	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsSetValue, address_out = 0x755f76e6	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsFree, address_out = 0x755f1f61	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = STD_INPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Get Info	filename = STD_OUTPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_ERROR_HANDLE	1	Fn
File	Get Info	filename = STD_ERROR_HANDLE, type = file_type	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.exe, size = 260	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, type = file_type	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 22, size_out = 22	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 1024, size_out = 1024	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 161, size_out = 161	1	Fn Data
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.exe, size = 260	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, type = file_type	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, size = 4096, size_out = 686	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\i386\jvm.cfg, size = 4096, size_out = 0	1	Fn
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.exe, size = 260	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\msvcr100.dll, base_address = 0x700e0000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsAlloc, address_out = 0x755f418d	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsGetValue, address_out = 0x755f1e16	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsSetValue, address_out = 0x755f76e6	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = FlsFree, address_out = 0x755f1f61	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	filename = STD_INPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Get Info	filename = STD_OUTPUT_HANDLE, type = file_type	1	Fn
File	Open	filename = STD_ERROR_HANDLE	1	Fn
File	Get Info	filename = STD_ERROR_HANDLE, type = file_type	1	Fn
Environment	Get Environment String	-	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:07 (UTC)	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\jvm.dll, base_address = 0x72880000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JNI_CreateJavaVM, address_out = 0x72948e70	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JNI_GetDefaultJavaVMInitArgs, address_out = 0x7293e340	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn

Thread 0x2b0

2497

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Info	type = Hardware Information	1	Fn
System	Get Info	type = Operating System	1	Fn
Environment	Get Environment String	name = _ALT_JAVA_HOME_DIR	1	Fn
Module	Get Filename	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\jvm.dll, size = 260	1	Fn
Module	Get Filename	process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.exe, size = 260	1	Fn
System	Get Info	type = Windows Directory, result_out = C:\Windows	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
System	Get Info	type = Windows Directory, result_out = C:\Windows	2	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\verify.dll, base_address = 0x71c20000	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\java.dll, base_address = 0x6fea0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, address_out = 0x6fea6fcf	1	Fn
Environment	Get Environment String	name = JAVA_TOOL_OPTIONS	1	Fn
Environment	Get Environment String	name = _JAVA_OPTIONS	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\endorsed, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:07 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc, type = file_attributes	2	Fn
Process	Open	desired_access = PROCESS_QUERY_INFORMATION	1	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x75e17a8b	1	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x75e17a8b	1	Fn
Module	Get Handle	module_name = c:\windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x75e17a8b	1	Fn
File	Create Directory	C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\656, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_FLAG_DELETE_ON_CLOSE, share_mode = FILE_SHARE_READ, FILE_SHARE_DELETE	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\656, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\656, protection = PAGE_READWRITE, maximum_size = 65536	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\\hsperfdata_2XC7u663GxWc\656, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, desired_access = FILE_MAP_ALL_ACCESS	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\zip.dll, base_address = 0x6fe80000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_Open, address_out = 0x6fe83af6	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_Close, address_out = 0x6fe83a1c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_FindEntry, address_out = 0x6fe83661	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_ReadEntry, address_out = 0x6fe83697	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_ReadMappedEntry, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = ZIP_GetNextEntry, address_out = 0x6fe83622	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = Canonicalize, address_out = 0x6fea5f09	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, type = file_type	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, type = file_type	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, size = 2416, size_out = 2416	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, protection = PAGE_WRITECOPY, maximum_size = 0	1	Fn
Module	Map	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, desired_access = FILE_MAP_READ	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, protection = PAGE_WRITECOPY, maximum_size = 0	1	Fn
Module	Map	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, desired_access = FILE_MAP_COPY	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, protection = PAGE_WRITECOPY, maximum_size = 0	1	Fn
Module	Map	C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, desired_access = FILE_MAP_COPY	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\classes.jsa, size = 65536, size_out = 65536	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Object_registerNatives@8, address_out = 0x6fea20dc	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_registerNatives@8, address_out = 0x6fea3035	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_identityHashCode@12, address_out = 0x6fea3050	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Thread_registerNatives@8, address_out = 0x6fea467c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_getStackAccessControlContext@8, address_out = 0x6fea1064	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_getInheritedAccessControlContext@8, address_out = 0x6fea1069	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_registerNatives@8, address_out = 0x6fea1498	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2@12, address_out = 0x6fea1000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	2	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Class_registerNatives@8, address_out = 0x6fea12da	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Class_getPrimitiveClass@12, address_out = 0x6fea1445	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Float_floatToRawIntBits@12, address_out = 0x6fea20cc	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Double_doubleToRawLongBits@16, address_out = 0x6fea1ce8	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_misc_VM_initialize@8, address_out = 0x6fea87ac	1	Fn
Module	Get Handle	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, base_address = 0x72880000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JVM_GetVersionInfo, address_out = 0x7296d980	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_initProperties@12, address_out = 0x6fea3350	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = GetNativeSystemInfo, address_out = 0x755dbe77	1	Fn
System	Get Info	type = Hardware Information	2	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, value_name = Desktop, data = C:\Users\2XC7u663GxWc\Desktop, type = REG_SZ	1	Fn
Module	Get Handle	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, base_address = 0x72880000	1	Fn
Module	Get Filename	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, process_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe, file_name_orig = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\client\jvm.dll, size = 260	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = NewStringPlatform, address_out = 0x6fea6cc9	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Runtime_maxMemory@8, address_out = 0x6fea2ca7	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Throwable_fillInStackTrace@12, address_out = 0x6fea4697	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_reflect_Reflection_getCallerClass@8, address_out = 0x6fea7d85	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_String_intern@8, address_out = 0x6fea12d5	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileInputStream_initIDs@8, address_out = 0x6fea1dd1	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileDescriptor_initIDs@8, address_out = 0x6fea1d29	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 7, size_out = 7	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1781193, size_out = 1781193	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 709, size_out = 709	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 277, size_out = 277	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileDescriptor_set@12, address_out = 0x6fea1d6a	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileOutputStream_initIDs@8, address_out = 0x6fea1fbf	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2305, size_out = 2305	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Runtime_freeMemory@8, address_out = 0x6fea2c97	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_setIn0@12, address_out = 0x6fea44d1	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Object_getClass@8, address_out = 0x6fea20f7	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Class_forName0@20, address_out = 0x6fea1300	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1022, size_out = 1022	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_reflect_Reflection_getClassAccessFlags@12, address_out = 0x6fea7da3	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_reflect_NativeConstructorAccessorImpl_newInstance0@16, address_out = 0x6fea7d71	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2882, size_out = 2882	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 104, size_out = 104	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 728, size_out = 728	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 345, size_out = 345	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_setOut0@12, address_out = 0x6fea4507	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_setErr0@12, address_out = 0x6fea453d	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileSystem_getFileSystem@8, address_out = 0x6fea1cfb	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_Win32FileSystem_initIDs@8, address_out = 0x6fea8f36	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_initIDs@8, address_out = 0x6fea9b30	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = GetFinalPathNameByHandleW, address_out = 0x755d4e2a	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_System_mapLibraryName@12, address_out = 0x6fea4594	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 815, size_out = 815	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_getBooleanAttributes@12, address_out = 0x6feaa1a8	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\zip.dll, type = file_attributes	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_canonicalize0@12, address_out = 0x6fea9e1d	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\zip.dll, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_00024NativeLibrary_load@12, address_out = 0x6fea18e4	1	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\zip.dll, base_address = 0x6fe80000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _JNI_OnLoad@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = JNI_OnLoad, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_misc_Signal_findSignal@12, address_out = 0x6fea46b5	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_misc_Signal_handle0@20, address_out = 0x6fea46ef	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_io_Win32ErrorMode_setErrorMode@16, address_out = 0x6feac3d5	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Compiler_registerNatives@8, address_out = 0x6fea1b79	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Class_isAssignableFrom@12, address_out = 0x6fea141b	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1105, size_out = 1105	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1761, size_out = 1761	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_concurrent_atomic_AtomicLong_VMSupportsCS8@8, address_out = 0x6fea83ed	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 514, size_out = 514	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 970, size_out = 970	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2589, size_out = 2589	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1008, size_out = 1008	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_00024NativeLibrary_find@12, address_out = 0x6fea1ae7	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_security_AccessController_doPrivileged@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedExceptionAction_2@12, address_out = 0x6fea1032	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, type = file_attributes	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileInputStream_open@12, address_out = 0x6fea1df4	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2004, size_out = 2004	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext, type = file_attributes	2	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 669, size_out = 669	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileInputStream_readBytes@20, address_out = 0x6fea1e2c	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, size = 8192, size_out = 829	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileInputStream_available@8, address_out = 0x6fea1f10	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, type = file_type	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, type = size, size_out = 829	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_reflect_Array_newArray@16, address_out = 0x6fea12ad	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 962, size_out = 962	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 934, size_out = 934	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1720, size_out = 1720	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1012, size_out = 1012	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Runtime_availableProcessors@8, address_out = 0x6fea2d11	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3028, size_out = 3028	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1111, size_out = 1111	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2976, size_out = 2976	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 672, size_out = 672	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1189, size_out = 1189	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2646, size_out = 2646	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\meta-index, size = 8192, size_out = 0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_FileInputStream_close0@8, address_out = 0x6fea1fa6	1	Fn
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext\meta-index, type = file_attributes	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_list@12, address_out = 0x6feaa570	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\access-bridge.jar, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\access-bridge.jar, type = file_attributes	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 966, size_out = 966	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 800, size_out = 800	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_canonicalizeWithPrefix0@16, address_out = 0x6fea9f47	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\dnsns.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\jaccess.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\localedata.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunpkcs11.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\zipfs.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Windows\Sun\Java\lib\ext, type = file_attributes	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1280, size_out = 1280	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 609, size_out = 609	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 628, size_out = 628	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 328, size_out = 328	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 327, size_out = 327	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, type = file_attributes	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	4	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\management\usagetracker.properties, type = file_attributes	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Handle	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, base_address = 0x72880000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\client\jvm.dll, function = JVM_FindClassFromBootLoader, address_out = 0x72975a90	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 12212, size_out = 12212	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_initIDs@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_initIDs@8, address_out = 0x6fe8190b	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 748, size_out = 748	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 6630, size_out = 6630	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3392, size_out = 3392	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_WinNTFileSystem_getLastModifiedTime@12, address_out = 0x6feaa314	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, type = time	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_open@28, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_open@28, address_out = 0x6fe81960	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 6113, size_out = 6113	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2563, size_out = 2563	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 476, size_out = 476	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2703, size_out = 2703	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 753, size_out = 753	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3690, size_out = 3690	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3361, size_out = 3361	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getTotal@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getTotal@16, address_out = 0x6fe81a47	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_startsWithLOC@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_startsWithLOC@16, address_out = 0x6fe81a51	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3599, size_out = 3599	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntry@24, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntry@24, address_out = 0x6fe81a67	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryFlag@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryFlag@16, address_out = 0x6fe81b65	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryTime@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryTime@16, address_out = 0x6fe81b97	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryCrc@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryCrc@16, address_out = 0x6fe81ba3	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntrySize@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntrySize@16, address_out = 0x6fe81b8a	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryCSize@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryCSize@16, address_out = 0x6fe81b6f	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryMethod@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryMethod@16, address_out = 0x6fe81b4f	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getEntryBytes@20, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getEntryBytes@20, address_out = 0x6fe81bed	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_freeEntry@24, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_freeEntry@24, address_out = 0x6fe81b2c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_Inflater_initIDs@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_Inflater_initIDs@8, address_out = 0x6fe81583	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 260, size_out = 260	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_Inflater_init@12, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_Inflater_init@12, address_out = 0x6fe8160b	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1899, size_out = 1899	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 678, size_out = 678	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_Inflater_inflateBytes@28, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_Inflater_inflateBytes@28, address_out = 0x6fe816f2	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_read@44, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_read@44, address_out = 0x6fe81cba	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 161, size_out = 161	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_Inflater_reset@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_Inflater_reset@16, address_out = 0x6fe818c5	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1909, size_out = 1909	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 670, size_out = 670	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_Inflater_end@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_Inflater_end@16, address_out = 0x6fe818e1	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_close@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_close@16, address_out = 0x6fe81a5b	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_findLoadedClass0@12, address_out = 0x6fea1876	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_findBootstrapClass@12, address_out = 0x6fea17e7	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_security_AccessController_doPrivileged@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedExceptionAction_2Ljava_security_AccessControlContext_2@16, address_out = 0x6fea104a	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 762, size_out = 762	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\access-bridge.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\dnsns.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\jaccess.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\localedata.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunpkcs11.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\zipfs.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 6113, size_out = 6113	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 161, size_out = 161	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Package_getSystemPackage0@12, address_out = 0x6fea269c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_jar_JarFile_getMetaInfEntryNames@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_jar_JarFile_getMetaInfEntryNames@8, address_out = 0x6fe81da5	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 161, size_out = 161	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 263, size_out = 263	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ClassLoader_defineClass1@32, address_out = 0x6fea150c	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = VerifyClassCodesForMajorVersion, address_out = 0x6fea4724	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 729, size_out = 729	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 17, size_out = 17	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 243, size_out = 243	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 315, size_out = 315	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 437, size_out = 437	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 439, size_out = 439	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 342, size_out = 342	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 802, size_out = 802	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1127, size_out = 1127	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib, type = file_attributes	2	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, size = 8192, size_out = 2190	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, type = file_type	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, type = size, size_out = 2190	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\meta-index, size = 8192, size_out = 0	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\classes, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\meta-index, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\sunrsasign.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\charsets.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jfr.jar, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\classes, type = file_attributes	2	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\resources.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\sunrsasign.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\charsets.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jfr.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\classes, type = file_attributes	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_security_AccessController_doPrivileged@16, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2Ljava_security_AccessControlContext_2@16, address_out = 0x6fea1018	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, type = time	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 1468, size_out = 1468	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1486, size_out = 1486	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 258, size_out = 258	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_io_ObjectStreamClass_initNative@8, address_out = 0x6fea25ca	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_misc_VM_latestUserDefinedLoader@8, address_out = 0x6fea87a0	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2351, size_out = 2351	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 877, size_out = 877	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 645, size_out = 645	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 6444, size_out = 6444	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1453, size_out = 1453	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Class_isInstance@12, address_out = 0x6fea13f8	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 513, size_out = 513	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_reflect_NativeMethodAccessorImpl_invoke0@20, address_out = 0x6fea7d59	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4556, size_out = 4556	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, size = 8192, size_out = 8192	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, size = 8192, size_out = 1440	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, type = file_type	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, type = size, size_out = 17824	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\java.security, size = 8192, size_out = 0	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2345, size_out = 2345	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 7, size_out = 7	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 13694, size_out = 13694	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1056, size_out = 1056	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_Double_longBitsToDouble@16, address_out = 0x6fea1cd0	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3940, size_out = 3940	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5672, size_out = 5672	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 844, size_out = 844	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 803, size_out = 803	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2601, size_out = 2601	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 6732, size_out = 6732	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 732, size_out = 732	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 454, size_out = 454	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 78, size_out = 78	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 457, size_out = 457	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 973, size_out = 973	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 308, size_out = 308	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 381, size_out = 381	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 310, size_out = 310	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3431, size_out = 3431	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 382, size_out = 382	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 281, size_out = 281	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 131, size_out = 131	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5929, size_out = 5929	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 405, size_out = 405	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 17, size_out = 17	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 182, size_out = 182	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 258, size_out = 258	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 3, size_out = 3	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 354, size_out = 354	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 3, size_out = 3	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 645, size_out = 645	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 17, size_out = 17	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 380, size_out = 380	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 17, size_out = 17	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 512, size_out = 512	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 6708, size_out = 6708	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 4096, size_out = 4096	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 1693, size_out = 1693	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 1351, size_out = 1351	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1358, size_out = 1358	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1240, size_out = 1240	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 590, size_out = 590	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 525, size_out = 525	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2666, size_out = 2666	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 314, size_out = 314	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 951, size_out = 951	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 10594, size_out = 10594	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3882, size_out = 3882	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3549, size_out = 3549	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1381, size_out = 1381	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 8211, size_out = 8211	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1075, size_out = 1075	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3695, size_out = 3695	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2117, size_out = 2117	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 346, size_out = 346	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 576, size_out = 576	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 24203, size_out = 24203	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 13092, size_out = 13092	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 623, size_out = 623	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3174, size_out = 3174	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2257, size_out = 2257	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1621, size_out = 1621	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2563, size_out = 2563	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2395, size_out = 2395	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 14258, size_out = 14258	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 853, size_out = 853	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 967, size_out = 967	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3914, size_out = 3914	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5828, size_out = 5828	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 12814, size_out = 12814	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4077, size_out = 4077	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2399, size_out = 2399	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2181, size_out = 2181	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2812, size_out = 2812	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 278, size_out = 278	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 6713, size_out = 6713	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3217, size_out = 3217	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 265, size_out = 265	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 6705, size_out = 6705	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3395, size_out = 3395	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1337, size_out = 1337	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5120, size_out = 5120	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 374, size_out = 374	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1663, size_out = 1663	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4945, size_out = 4945	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2801, size_out = 2801	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2263, size_out = 2263	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4843, size_out = 4843	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2266, size_out = 2266	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3589, size_out = 3589	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3217, size_out = 3217	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2498, size_out = 2498	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2363, size_out = 2363	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 631, size_out = 631	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 866, size_out = 866	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 282, size_out = 282	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3850, size_out = 3850	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 591, size_out = 591	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 907, size_out = 907	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3908, size_out = 3908	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 8490, size_out = 8490	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 444, size_out = 444	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1731, size_out = 1731	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4645, size_out = 4645	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 11624, size_out = 11624	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 915, size_out = 915	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 687, size_out = 687	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 11725, size_out = 11725	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1715, size_out = 1715	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1952, size_out = 1952	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1957, size_out = 1957	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1960, size_out = 1960	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1966, size_out = 1966	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 441, size_out = 441	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 723, size_out = 723	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3045, size_out = 3045	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2242, size_out = 2242	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 387, size_out = 387	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 6064, size_out = 6064	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1369, size_out = 1369	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4032, size_out = 4032	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\x86\sunec.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\sunec.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	2	Fn
Module	Load	module_name = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\sunec.dll, base_address = 0x6fe60000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\sunec.dll, function = _JNI_OnLoad@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\sunec.dll, function = JNI_OnLoad, address_out = 0x0	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1434, size_out = 1434	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 454, size_out = 454	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 5439, size_out = 5439	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 619, size_out = 619	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 10470, size_out = 10470	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 3596, size_out = 3596	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 3529, size_out = 3529	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 735, size_out = 735	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:08 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4170, size_out = 4170	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 817, size_out = 817	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 331, size_out = 331	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2357, size_out = 2357	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 187, size_out = 187	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar, size = 3665, size_out = 3665	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 3856, size_out = 3856	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 333, size_out = 333	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, type = time	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, type = time	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\local_policy.jar, type = file_attributes	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 2915, size_out = 2915	1	Fn Data
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, type = time	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 328, size_out = 328	1	Fn Data
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_util_zip_ZipFile_getNextEntry@20, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_java_util_zip_ZipFile_getNextEntry@20, address_out = 0x6fe81b3e	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 350, size_out = 350	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 160, size_out = 160	3	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 213, size_out = 213	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\security\US_export_policy.jar, size = 1319, size_out = 1319	1	Fn Data
For performance reasons, the remaining 1385 entries are omitted. The remaining entries can be found in glog.xml.

Thread 0x350

257

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:09 (UTC)	3	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:10 (UTC)	3	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:11 (UTC)	3	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	5	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:27 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:31 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:34 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:37 (UTC)	9	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:40 (UTC)	10	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:43 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:46 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:49 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:52 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:55 (UTC)	5	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:58 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:01 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:05 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:08 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:11 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:13 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:14 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:16 (UTC)	4	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:17 (UTC)	8	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:19 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:20 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:23 (UTC)	5	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:26 (UTC)	5	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:29 (UTC)	5	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:32 (UTC)	5	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:36 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:39 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:42 (UTC)	5	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:45 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:48 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:51 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:54 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:57 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:00 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:03 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:04 (UTC)	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:07 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:10 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:13 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:16 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:19 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:22 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:25 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:28 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:31 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:34 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:37 (UTC)	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:38 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:41 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:43 (UTC)	4	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:44 (UTC)	6	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:47 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:50 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:53 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:56 (UTC)	5	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:59 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:02 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:05 (UTC)	5	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:08 (UTC)	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:09 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:12 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:15 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:18 (UTC)	3	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:21 (UTC)	3	Fn

Thread 0x338

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x334

126

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ref_Finalizer_invokeFinalizeMethod@12, address_out = 0x6fea207c	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:14 (UTC)	40	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:17 (UTC)	4	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:20 (UTC)	4	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:27 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:31 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:34 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:37 (UTC)	7	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:40 (UTC)	5	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:43 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:46 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:49 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:52 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:55 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:58 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:01 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:05 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:08 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:11 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:14 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:17 (UTC)	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:20 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:23 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:26 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:29 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:32 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:36 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:39 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:42 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:45 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:48 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:51 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:54 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:57 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:00 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:04 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:07 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:10 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:13 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:16 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:19 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:22 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:25 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:28 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:31 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:34 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:38 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:41 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:44 (UTC)	2	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:47 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:50 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:53 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:56 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:59 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:02 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:05 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:09 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:12 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:15 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:18 (UTC)	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:21 (UTC)	1	Fn

Thread 0x660

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x348

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x628

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn
Mutex	Create	-		1	Fn

Thread 0x32c

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)		1	Fn

Thread 0x4a4

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x79c

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x5b0

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x78c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\zip.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\net.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\nio.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x0	1	Fn
Module	Get Address	module_name = c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\awt.dll, function = _Java_sun_awt_windows_WToolkit_init@8, address_out = 0x6fb72210	1	Fn
Module	Load	module_name = COMCTL32.dll, base_address = 0x74110000	1	Fn
Module	Get Address	module_name = c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll, function = InitCommonControlsEx, address_out = 0x741309ce	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = LoadIconW, address_out = 0x7588f142	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = RegisterClassW, address_out = 0x7588ed4a	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = GetDC, address_out = 0x7589544c	1	Fn
Module	Load	module_name = GDI32.dll, base_address = 0x75ec0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\gdi32.dll, function = GetDeviceCaps, address_out = 0x75ec6f7f	2	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = ReleaseDC, address_out = 0x75895421	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = CreateWindowExW, address_out = 0x7588ec7c	1	Fn
Window	Create	window_name = theAwtToolkitWindow, class_name = SunAwtToolkit, wndproc_parameter = 0	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = DefWindowProcW, address_out = 0x7589507d	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = SetWindowsHookExW, address_out = 0x7588e30c	1	Fn
System	Register Hook	type = WH_GETMESSAGE, hookproc_address = 0x6fb71da0	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x75c90000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = OleInitialize, address_out = 0x75caefd7	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 569, size_out = 569	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 333, size_out = 333	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\user32.dll, function = PeekMessageW, address_out = 0x7589634a	1	Fn

Thread 0x6ac

298

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 16, size_out = 16	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Local\Temp\_0.98963488192277293018538009244777557.class, size = 390, size_out = 390	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 448, size_out = 448	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4013, size_out = 4013	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1566, size_out = 1566	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 402, size_out = 402	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1366, size_out = 1366	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 9311, size_out = 9311	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3572, size_out = 3572	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1619, size_out = 1619	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2404, size_out = 2404	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3013, size_out = 3013	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1708, size_out = 1708	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2879, size_out = 2879	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1285, size_out = 1285	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1398, size_out = 1398	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1090, size_out = 1090	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:11 (UTC)	2	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3789, size_out = 3789	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 436, size_out = 436	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 792, size_out = 792	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 384, size_out = 384	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 78, size_out = 78	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1217, size_out = 1217	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 480, size_out = 480	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 622, size_out = 622	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 76, size_out = 76	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 527, size_out = 527	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 4051, size_out = 4051	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 7991, size_out = 7991	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 704, size_out = 704	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 8401, size_out = 8401	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2096, size_out = 2096	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2691, size_out = 2691	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1111, size_out = 1111	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1664, size_out = 1664	1	Fn Data
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 6028, size_out = 6028	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 7832, size_out = 7832	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 382, size_out = 382	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5512, size_out = 5512	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 949, size_out = 949	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1167, size_out = 1167	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1731, size_out = 1731	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1427, size_out = 1427	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1429, size_out = 1429	1	Fn Data
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs, os_pid = 0x7a0, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1873, size_out = 1873	1	Fn Data
File	Read	size = 8192, size_out = 108	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
Process	Terminate	exit_code = 1	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
File	Write	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, size = 281	1	Fn Data
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
File	Create Pipe	pipe_name = Anonymous read pipe, size = 4120	1	Fn
Process	Create	process_name = cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, os_pid = 0x624, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE	1	Fn
File	Read	size = 8192, size_out = 108	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Get Info	type = file_type	1	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
Process	Terminate	exit_code = 1	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, type = file_attributes	1	Fn
File	Delete	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\javaw.exe, type = file_attributes	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1396, size_out = 1396	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 582, size_out = 582	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 46400, size_out = 46400	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 263, size_out = 263	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 357, size_out = 357	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5472, size_out = 5472	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3241, size_out = 3241	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 784, size_out = 784	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1886, size_out = 1886	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5529, size_out = 5529	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1188, size_out = 1188	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 213, size_out = 213	1	Fn Data
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetFriendlyIfIndex, address_out = 0x7338d855	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetIpAddrTable, address_out = 0x73389bb0	1	Fn
Module	Get Address	module_name = c:\windows\system32\iphlpapi.dll, function = GetAdaptersAddresses, address_out = 0x73386a4d	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 878, size_out = 878	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 7520, size_out = 7520	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 8446, size_out = 8446	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\management.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	2	Fn
Module	Get Address	module_name = Unknown module name, function = _JNI_OnLoad@8, address_out = 0x738e2194	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5830, size_out = 5830	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1929, size_out = 1929	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 519, size_out = 519	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 855, size_out = 855	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 413, size_out = 413	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 300, size_out = 300	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 152, size_out = 152	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1206, size_out = 1206	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 7192, size_out = 7192	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 536, size_out = 536	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 22580, size_out = 22580	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 325, size_out = 325	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2388, size_out = 2388	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1746, size_out = 1746	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 845, size_out = 845	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 14934, size_out = 14934	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 322, size_out = 322	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1032, size_out = 1032	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 773, size_out = 773	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 122, size_out = 122	1	Fn Data
File	Get Info	type = time	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\fUTkALeaTxM, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\fUTkALeaTxM\ID.txt, type = file_attributes	1	Fn
File	Read	size = 8192, size_out = 47	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Get Info	type = size, size_out = 47	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\fUTkALeaTxM\DdWDtpinxpf, type = file_attributes	4	Fn

Thread 0x6e4

182

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:16 (UTC)	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:19 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:22 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:30 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:33 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:36 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:39 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:42 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:45 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:48 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:51 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:54 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:57 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:00 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:03 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:07 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:10 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:13 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:16 (UTC)	3	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:19 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:22 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:25 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:28 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:31 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:35 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:38 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:41 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:44 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:47 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:50 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:53 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:56 (UTC)	2	Fn
System	Sleep	duration = 2000 milliseconds (2.000 seconds)	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:59 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:02 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:06 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:09 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:12 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:15 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:18 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:21 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:24 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:27 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:30 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:33 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:36 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:40 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:43 (UTC)	3	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:46 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:49 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:52 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:55 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:58 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:01 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:04 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:07 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:11 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:14 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:17 (UTC)	2	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:20 (UTC)	2	Fn

Thread 0x74c

274

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 26461, size_out = 26461	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 4540, size_out = 4540	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1995, size_out = 1995	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\net.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1261, size_out = 1261	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4115, size_out = 4115	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2598, size_out = 2598	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 11029, size_out = 11029	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 296, size_out = 296	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1028, size_out = 1028	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 17440, size_out = 17440	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3033, size_out = 3033	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 861, size_out = 861	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2660, size_out = 2660	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1444, size_out = 1444	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1192, size_out = 1192	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 7071, size_out = 7071	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2038, size_out = 2038	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2049, size_out = 2049	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1627, size_out = 1627	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 8760, size_out = 8760	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3164, size_out = 3164	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 2552, size_out = 2552	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1600, size_out = 1600	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 109, size_out = 109	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 235, size_out = 235	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 2863, size_out = 2863	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 443, size_out = 443	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 837, size_out = 837	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 3196, size_out = 3196	1	Fn Data
File	Get Info	type = time	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1262, size_out = 1262	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 590, size_out = 590	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 525, size_out = 525	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 590, size_out = 590	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 525, size_out = 525	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1320, size_out = 1320	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1812, size_out = 1812	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 240, size_out = 240	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1434, size_out = 1434	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 2863, size_out = 2863	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 242, size_out = 242	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 390, size_out = 390	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 242, size_out = 242	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1989, size_out = 1989	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 837, size_out = 837	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 734, size_out = 734	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 235, size_out = 235	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 5122, size_out = 5122	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 285, size_out = 285	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 889, size_out = 889	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3271, size_out = 3271	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 496, size_out = 496	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunec.jar, size = 1812, size_out = 1812	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 302, size_out = 302	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 23927, size_out = 23927	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1227, size_out = 1227	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 761, size_out = 761	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 107, size_out = 107	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2146, size_out = 2146	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 975, size_out = 975	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 2114, size_out = 2114	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3293, size_out = 3293	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jce.jar, size = 634, size_out = 634	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 725, size_out = 725	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 859, size_out = 859	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 745, size_out = 745	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 1326, size_out = 1326	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 4319, size_out = 4319	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 595, size_out = 595	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 626, size_out = 626	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 763, size_out = 763	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	1	Fn
File	Create	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = time	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 4, size_out = 4	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 128, size_out = 128	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 2191, size_out = 2191	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 103, size_out = 103	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 913, size_out = 913	2	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 852, size_out = 852	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 1319, size_out = 1319	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 103, size_out = 103	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 1269, size_out = 1269	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:13 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:13 (UTC)	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar, size = 404, size_out = 404	1	Fn Data
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\x86\sunmscapi.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\ext\sunmscapi.dll, type = file_attributes	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\bin\sunmscapi.dll, type = file_attributes	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:13 (UTC)	2	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1399, size_out = 1399	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 3618, size_out = 3618	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1507, size_out = 1507	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 8099, size_out = 8099	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 964, size_out = 964	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 1312, size_out = 1312	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\jsse.jar, size = 5799, size_out = 5799	1	Fn Data
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 686, size_out = 686	1	Fn Data
System	Get Time	type = System Time, time = 1627-02-05 14:07:13 (UTC)	1	Fn
File	Get Info	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\net.properties, type = file_attributes	2	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:13 (UTC)	1	Fn
File	Read	size = 8192, size_out = 3070	1	Fn Data
File	Get Info	type = file_type	1	Fn
File	Get Info	type = size, size_out = 3070	1	Fn
File	Read	size = 8192, size_out = 0	1	Fn
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 3605, size_out = 3605	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 331, size_out = 331	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 160, size_out = 160	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 30, size_out = 30	1	Fn Data
File	Read	filename = C:\Users\2XC7u663GxWc\AppData\Roaming\Oracle\lib\rt.jar, size = 278, size_out = 278	1	Fn Data
Socket	Close	type = SOCK_STREAM	1	Fn

Thread 0x274

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:17 (UTC)	1	Fn

Thread 0x768

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 1627-02-05 14:07:20 (UTC)	1	Fn

Thread 0x564

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:27 (UTC)	1	Fn

Thread 0x784

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:31 (UTC)	1	Fn

Thread 0x46c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:34 (UTC)	1	Fn

Thread 0x57c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:37 (UTC)	1	Fn

Thread 0x774

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:40 (UTC)	1	Fn

Thread 0x188

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:43 (UTC)	1	Fn

Thread 0x318

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x230

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x5d8

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:46 (UTC)	1	Fn

Thread 0x30c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:49 (UTC)	1	Fn

Thread 0x574

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:52 (UTC)	1	Fn

Thread 0x624

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:55 (UTC)	1	Fn

Thread 0x718

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:51:58 (UTC)	1	Fn

Thread 0x7a0

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:01 (UTC)	1	Fn

Thread 0x274

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:05 (UTC)	1	Fn

Thread 0x7ac

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:08 (UTC)	1	Fn

Thread 0x7a8

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:11 (UTC)	1	Fn

Thread 0x768

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:14 (UTC)	1	Fn

Thread 0x64

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:17 (UTC)	1	Fn

Thread 0x564

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:20 (UTC)	1	Fn

Thread 0x154

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:23 (UTC)	1	Fn

Thread 0x784

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:26 (UTC)	1	Fn

Thread 0x57c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:29 (UTC)	1	Fn

Thread 0x174

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:32 (UTC)	1	Fn

Thread 0x7a4

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn

Thread 0x6ac

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:36 (UTC)	1	Fn

Thread 0x180

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:39 (UTC)	1	Fn

Thread 0x718

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:42 (UTC)	1	Fn

Thread 0x500

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:45 (UTC)	1	Fn

Thread 0x228

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:48 (UTC)	1	Fn

Thread 0x6d8

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:51 (UTC)	1	Fn

Thread 0x2d8

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:54 (UTC)	1	Fn

Thread 0x218

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:52:57 (UTC)	1	Fn

Thread 0x64

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:00 (UTC)	1	Fn

Thread 0x728

Category	Operation	Information	Success	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000		1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:03 (UTC)		2	Fn

Thread 0x340

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:04 (UTC)	1	Fn

Thread 0x638

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:07 (UTC)	1	Fn

Thread 0x790

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:10 (UTC)	1	Fn

Thread 0x6ac

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:13 (UTC)	1	Fn

Thread 0x180

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:16 (UTC)	1	Fn

Thread 0x658

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:19 (UTC)	1	Fn

Thread 0x718

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:22 (UTC)	1	Fn

Thread 0x66c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:25 (UTC)	1	Fn

Thread 0x46c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:28 (UTC)	1	Fn

Thread 0x76c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:31 (UTC)	1	Fn

Thread 0x228

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:34 (UTC)	1	Fn

Thread 0x6d8

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:37 (UTC)	1	Fn

Thread 0x244

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:41 (UTC)	1	Fn

Thread 0x210

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:44 (UTC)	1	Fn

Thread 0x260

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:47 (UTC)	1	Fn

Thread 0x64

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:50 (UTC)	1	Fn

Thread 0x70c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:53 (UTC)	1	Fn

Thread 0x71c

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:56 (UTC)	1	Fn

Thread 0x4b4

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:53:59 (UTC)	1	Fn

Thread 0xb0

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:02 (UTC)	1	Fn

Thread 0x124

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:05 (UTC)	1	Fn

Thread 0x638

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:08 (UTC)	1	Fn

Thread 0x778

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:12 (UTC)	1	Fn

Thread 0x740

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:15 (UTC)	1	Fn

Thread 0x690

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:18 (UTC)	1	Fn

Thread 0x768

Category	Operation	Information	Count	Logfile
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Socket	Create	protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM	1	Fn
Socket	Close	type = SOCK_STREAM	1	Fn
System	Get Time	type = System Time, time = 2018-07-19 09:54:21 (UTC)	1	Fn

Process #32: cmd.exe

Information	Value
ID	#32
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs
Initial Working Directory	C:\Windows\system32\
Monitor	Start Time: 00:02:04, Reason: Child Process
Unmonitor	End Time: 00:02:05, Reason: Self Terminated
Monitor Duration	00:00:01

OS Process Information

Information	Value
PID	0x558
Parent PID	0x35c (c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 718

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000d0000	0x000d0000	0x000d1fff	Pagefile Backed Memory	-	-	-
private_0x00000000000e0000	0x000e0000	0x000e0fff	Private Memory	-	-	-
private_0x00000000000f0000	0x000f0000	0x001effff	Private Memory	-	-	-
private_0x00000000001f0000	0x001f0000	0x001f0fff	Private Memory	-	-	-
cscript.exe.mui	0x00200000	0x00202fff	Memory Mapped File	-	-	-
private_0x00000000002a0000	0x002a0000	0x002affff	Private Memory	-	-	-
cscript.exe	0x002b0000	0x002d1fff	Memory Mapped File	-	-	-
private_0x0000000000370000	0x00370000	0x0046ffff	Private Memory	-	-	-
pagefile_0x0000000000470000	0x00470000	0x00537fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000540000	0x00540000	0x00640fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000650000	0x00650000	0x0124ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001250000	0x01250000	0x014dafff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x014e0000	0x017aefff	Memory Mapped File	-	-	-
cmd.exe	0x4a710000	0x4a75bfff	Memory Mapped File	-	-	-
winbrand.dll	0x6fad0000	0x6fad6fff	Memory Mapped File	-	-	-
kernelbase.dll	0x753e0000	0x75429fff	Memory Mapped File	-	-	-
kernel32.dll	0x755a0000	0x75673fff	Memory Mapped File	-	-	-
user32.dll	0x75880000	0x75948fff	Memory Mapped File	-	-	-
usp10.dll	0x75950000	0x759ecfff	Memory Mapped File	-	-	-
gdi32.dll	0x75ec0000	0x75f0dfff	Memory Mapped File	-	-	-
lpk.dll	0x75f10000	0x75f19fff	Memory Mapped File	-	-	-
msvcrt.dll	0x76110000	0x761bbfff	Memory Mapped File	-	-	-
ntdll.dll	0x76fe0000	0x7711bfff	Memory Mapped File	-	-	-
imm32.dll	0x77120000	0x7713efff	Memory Mapped File	-	-	-
msctf.dll	0x77140000	0x7720bfff	Memory Mapped File	-	-	-
apisetschema.dll	0x77220000	0x77220fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x718

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 1627-02-05 14:07:09 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 32167	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x4a710000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755f24c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Windows\system32, type = file_attributes	1	Fn
File	Get Info	filename = C:\Windows\System32, type = file_attributes	1	Fn
Environment	Set Environment String	name = =C:, value = C:\Windows\System32	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x755dac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x755e3ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x755f2732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0x7a4, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #33: cscript.exe

Information	Value
ID	#33
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs
Initial Working Directory	C:\Windows\system32\
Monitor	Start Time: 00:02:04, Reason: Child Process
Unmonitor	End Time: 00:02:05, Reason: Self Terminated
Monitor Duration	00:00:01

OS Process Information

Information	Value
PID	0x7a4
Parent PID	0x558 (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 46C 0x 7A0 0x 79C 0x 78C 0x 784 0x 6B4 0x 6B0 0x 6AC

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00040000	0x000a6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000b0000	0x000b0000	0x000b6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c1fff	Pagefile Backed Memory	-	-	-
cscript.exe.mui	0x000d0000	0x000d2fff	Memory Mapped File	-	-	-
private_0x00000000000e0000	0x000e0000	0x000e0fff	Private Memory	-	-	-
private_0x00000000000f0000	0x000f0000	0x000f0fff	Private Memory	-	-	-
cscript.exe	0x00100000	0x0010bfff	Memory Mapped File	-	-	-
pagefile_0x0000000000110000	0x00110000	0x00110fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000120000	0x00120000	0x00120fff	Pagefile Backed Memory	-	-	-
private_0x0000000000130000	0x00130000	0x0022ffff	Private Memory	-	-	-
rpcss.dll	0x00230000	0x0028bfff	Memory Mapped File	-	-	-
retrive1360789152958718586.vbs	0x00230000	0x00230fff	Memory Mapped File	-	-	-
rsaenh.dll	0x00230000	0x0026bfff	Memory Mapped File	-	-	-
private_0x0000000000230000	0x00230000	0x0023ffff	Private Memory	-	-	-
retrive1360789152958718586.vbs	0x00240000	0x00240fff	Memory Mapped File	-	-	-
wbemdisp.tlb	0x00240000	0x0024efff	Memory Mapped File	-	-	-
cscript.exe	0x002b0000	0x002d1fff	Memory Mapped File	-	-	-
private_0x00000000003a0000	0x003a0000	0x0049ffff	Private Memory	-	-	-
pagefile_0x00000000004a0000	0x004a0000	0x00567fff	Pagefile Backed Memory	-	-	-
private_0x0000000000600000	0x00600000	0x0060ffff	Private Memory	-	-	-
pagefile_0x0000000000610000	0x00610000	0x00710fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000720000	0x00720000	0x0131ffff	Pagefile Backed Memory	-	-	-
private_0x0000000001320000	0x01320000	0x0141ffff	Private Memory	-	-	-
pagefile_0x0000000001420000	0x01420000	0x014fefff	Pagefile Backed Memory	-	-	-
private_0x0000000001560000	0x01560000	0x0165ffff	Private Memory	-	-	-
sortdefault.nls	0x01660000	0x0192efff	Memory Mapped File	-	-	-
private_0x0000000001970000	0x01970000	0x01a6ffff	Private Memory	-	-	-
private_0x0000000001a80000	0x01a80000	0x01b7ffff	Private Memory	-	-	-
pagefile_0x0000000001b80000	0x01b80000	0x01f7ffff	Pagefile Backed Memory	-	-	-
private_0x0000000001f80000	0x01f80000	0x0212ffff	Private Memory	-	-	-
private_0x0000000001f80000	0x01f80000	0x0207ffff	Private Memory	-	-	-
private_0x0000000002120000	0x02120000	0x0212ffff	Private Memory	-	-	-
private_0x0000000002160000	0x02160000	0x0225ffff	Private Memory	-	-	-
private_0x0000000002260000	0x02260000	0x0232ffff	Private Memory	-	-	-
private_0x0000000002330000	0x02330000	0x0241ffff	Private Memory	-	-	-
private_0x0000000002440000	0x02440000	0x0253ffff	Private Memory	-	-	-
private_0x0000000002550000	0x02550000	0x0264ffff	Private Memory	-	-	-
private_0x0000000002660000	0x02660000	0x0275ffff	Private Memory	-	-	-
wbemdisp.dll	0x6f9c0000	0x6f9f0fff	Memory Mapped File	-	-	-
scrobj.dll	0x6fa00000	0x6fa2cfff	Memory Mapped File	-	-	-
wshext.dll	0x6fa30000	0x6fa45fff	Memory Mapped File	-	-	-
msisip.dll	0x6fa50000	0x6fa57fff	Memory Mapped File	-	-	-
vbscript.dll	0x6fa60000	0x6facafff	Memory Mapped File	-	-	-
wmiutils.dll	0x709f0000	0x70a06fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70ae0000	0x70aeefff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x70f40000	0x70f9bfff	Memory Mapped File	-	-	-
comctl32.dll	0x72c00000	0x72c83fff	Memory Mapped File	-	-	-
dwmapi.dll	0x73c60000	0x73c72fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73f90000	0x73fcffff	Memory Mapped File	-	-	-
version.dll	0x74680000	0x74688fff	Memory Mapped File	-	-	-
rsaenh.dll	0x749a0000	0x749dafff	Memory Mapped File	-	-	-
cryptsp.dll	0x74c00000	0x74c15fff	Memory Mapped File	-	-	-
cryptbase.dll	0x75080000	0x7508bfff	Memory Mapped File	-	-	-
sxs.dll	0x75090000	0x750eefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x75120000	0x7512dfff	Memory Mapped File	-	-	-
msasn1.dll	0x751a0000	0x751abfff	Memory Mapped File	-	-	-
crypt32.dll	0x751b0000	0x752ccfff	Memory Mapped File	-	-	-
wintrust.dll	0x752d0000	0x752fcfff	Memory Mapped File	-	-	-
kernelbase.dll	0x753e0000	0x75429fff	Memory Mapped File	-	-	-
shlwapi.dll	0x75480000	0x754d6fff	Memory Mapped File	-	-	-
sechost.dll	0x754f0000	0x75508fff	Memory Mapped File	-	-	-
oleaut32.dll	0x75510000	0x7559efff	Memory Mapped File	-	-	-
kernel32.dll	0x755a0000	0x75673fff	Memory Mapped File	-	-	-
user32.dll	0x75880000	0x75948fff	Memory Mapped File	-	-	-
usp10.dll	0x75950000	0x759ecfff	Memory Mapped File	-	-	-
ole32.dll	0x75c90000	0x75debfff	Memory Mapped File	-	-	-
advapi32.dll	0x75df0000	0x75e8ffff	Memory Mapped File	-	-	-
gdi32.dll	0x75ec0000	0x75f0dfff	Memory Mapped File	-	-	-
lpk.dll	0x75f10000	0x75f19fff	Memory Mapped File	-	-	-
clbcatq.dll	0x76060000	0x760e2fff	Memory Mapped File	-	-	-
nsi.dll	0x76100000	0x76105fff	Memory Mapped File	-	-	-
msvcrt.dll	0x76110000	0x761bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x761c0000	0x76260fff	Memory Mapped File	-	-	-
shell32.dll	0x76350000	0x76f99fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76fa0000	0x76fd4fff	Memory Mapped File	-	-	-
ntdll.dll	0x76fe0000	0x7711bfff	Memory Mapped File	-	-	-
imm32.dll	0x77120000	0x7713efff	Memory Mapped File	-	-	-
msctf.dll	0x77140000	0x7720bfff	Memory Mapped File	-	-	-
apisetschema.dll	0x77220000	0x77220fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x46c

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 1627-02-05 14:07:09 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 32229	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0x2b0000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755f24c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 196, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 196, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 196, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x755f4157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 104, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 104, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 16, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 16, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x75c90000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x75cd9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 32292	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, protection = PAGE_READONLY, maximum_size = 276	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x75e12102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x75e13352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x75e13825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1360789152958718586.vbs, size = 276, size_out = 276	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x75cd6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x75c9cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x75dfca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x75c9c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0x79c

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 6300448		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 6300448		1	Fn

Process #35: cmd.exe

Information	Value
ID	#35
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs
Initial Working Directory	C:\Windows\system32\
Monitor	Start Time: 00:02:04, Reason: Child Process
Unmonitor	End Time: 00:02:05, Reason: Self Terminated
Monitor Duration	00:00:01

OS Process Information

Information	Value
PID	0x42c
Parent PID	0x35c (c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\javaw.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 134

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000050000	0x00050000	0x00056fff	Pagefile Backed Memory	-	-	-
private_0x0000000000060000	0x00060000	0x0015ffff	Private Memory	-	-	-
locale.nls	0x00160000	0x001c6fff	Memory Mapped File	-	-	-
pagefile_0x00000000001d0000	0x001d0000	0x001d1fff	Pagefile Backed Memory	-	-	-
private_0x00000000001e0000	0x001e0000	0x001e0fff	Private Memory	-	-	-
private_0x00000000001f0000	0x001f0000	0x001f0fff	Private Memory	-	-	-
private_0x0000000000200000	0x00200000	0x002fffff	Private Memory	-	-	-
pagefile_0x0000000000300000	0x00300000	0x003c7fff	Pagefile Backed Memory	-	-	-
private_0x00000000003d0000	0x003d0000	0x003dffff	Private Memory	-	-	-
pagefile_0x00000000003e0000	0x003e0000	0x004e0fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000004f0000	0x004f0000	0x010effff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000010f0000	0x010f0000	0x0137afff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x01380000	0x0164efff	Memory Mapped File	-	-	-
cscript.exe	0x01650000	0x01671fff	Memory Mapped File	-	-	-
cscript.exe.mui	0x01680000	0x01682fff	Memory Mapped File	-	-	-
cmd.exe	0x4a710000	0x4a75bfff	Memory Mapped File	-	-	-
winbrand.dll	0x6fac0000	0x6fac6fff	Memory Mapped File	-	-	-
kernelbase.dll	0x753e0000	0x75429fff	Memory Mapped File	-	-	-
kernel32.dll	0x755a0000	0x75673fff	Memory Mapped File	-	-	-
user32.dll	0x75880000	0x75948fff	Memory Mapped File	-	-	-
usp10.dll	0x75950000	0x759ecfff	Memory Mapped File	-	-	-
gdi32.dll	0x75ec0000	0x75f0dfff	Memory Mapped File	-	-	-
lpk.dll	0x75f10000	0x75f19fff	Memory Mapped File	-	-	-
msvcrt.dll	0x76110000	0x761bbfff	Memory Mapped File	-	-	-
ntdll.dll	0x76fe0000	0x7711bfff	Memory Mapped File	-	-	-
imm32.dll	0x77120000	0x7713efff	Memory Mapped File	-	-	-
msctf.dll	0x77140000	0x7720bfff	Memory Mapped File	-	-	-
apisetschema.dll	0x77220000	0x77220fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x134

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 1627-02-05 14:07:09 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 32557	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x4a710000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755f24c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Windows\system32, type = file_attributes	1	Fn
File	Get Info	filename = C:\Windows\System32, type = file_attributes	1	Fn
Environment	Set Environment String	name = =C:, value = C:\Windows\System32	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x755dac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x755e3ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x755f2732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0x174, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #36: cscript.exe

Information	Value
ID	#36
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs
Initial Working Directory	C:\Windows\system32\
Monitor	Start Time: 00:02:04, Reason: Child Process
Unmonitor	End Time: 00:02:05, Reason: Self Terminated
Monitor Duration	00:00:01

OS Process Information

Information	Value
PID	0x174
Parent PID	0x42c (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 15C 0x 230 0x 574 0x 30C 0x 76C 0x 774 0x 778 0x 640

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00040000	0x000a6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000b0000	0x000b0000	0x000b6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c1fff	Pagefile Backed Memory	-	-	-
cscript.exe.mui	0x000d0000	0x000d2fff	Memory Mapped File	-	-	-
private_0x00000000000e0000	0x000e0000	0x000e0fff	Private Memory	-	-	-
private_0x00000000000f0000	0x000f0000	0x000f0fff	Private Memory	-	-	-
private_0x0000000000100000	0x00100000	0x0010ffff	Private Memory	-	-	-
pagefile_0x0000000000110000	0x00110000	0x001d7fff	Pagefile Backed Memory	-	-	-
cscript.exe	0x001e0000	0x001ebfff	Memory Mapped File	-	-	-
pagefile_0x00000000001f0000	0x001f0000	0x001f0fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000200000	0x00200000	0x00200fff	Pagefile Backed Memory	-	-	-
private_0x0000000000210000	0x00210000	0x0030ffff	Private Memory	-	-	-
pagefile_0x0000000000310000	0x00310000	0x00410fff	Pagefile Backed Memory	-	-	-
rpcss.dll	0x00420000	0x0047bfff	Memory Mapped File	-	-	-
retrive3549377093237930864.vbs	0x00420000	0x00420fff	Memory Mapped File	-	-	-
rsaenh.dll	0x00420000	0x0045bfff	Memory Mapped File	-	-	-
private_0x0000000000420000	0x00420000	0x0042ffff	Private Memory	-	-	-
retrive3549377093237930864.vbs	0x00430000	0x00430fff	Memory Mapped File	-	-	-
wbemdisp.tlb	0x00430000	0x0043efff	Memory Mapped File	-	-	-
private_0x00000000004f0000	0x004f0000	0x005effff	Private Memory	-	-	-
private_0x00000000005f0000	0x005f0000	0x0073ffff	Private Memory	-	-	-
pagefile_0x00000000005f0000	0x005f0000	0x006cefff	Pagefile Backed Memory	-	-	-
private_0x0000000000700000	0x00700000	0x0073ffff	Private Memory	-	-	-
private_0x0000000000760000	0x00760000	0x0085ffff	Private Memory	-	-	-
sortdefault.nls	0x00860000	0x00b2efff	Memory Mapped File	-	-	-
private_0x0000000000b80000	0x00b80000	0x00c7ffff	Private Memory	-	-	-
private_0x0000000000cb0000	0x00cb0000	0x00daffff	Private Memory	-	-	-
private_0x0000000000db0000	0x00db0000	0x00eaffff	Private Memory	-	-	-
cscript.exe	0x00ec0000	0x00ee1fff	Memory Mapped File	-	-	-
pagefile_0x0000000000ef0000	0x00ef0000	0x01aeffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001af0000	0x01af0000	0x01eeffff	Pagefile Backed Memory	-	-	-
private_0x0000000001ef0000	0x01ef0000	0x0202ffff	Private Memory	-	-	-
private_0x0000000001ef0000	0x01ef0000	0x01feffff	Private Memory	-	-	-
private_0x0000000001ff0000	0x01ff0000	0x0202ffff	Private Memory	-	-	-
private_0x0000000002040000	0x02040000	0x0213ffff	Private Memory	-	-	-
private_0x0000000002140000	0x02140000	0x0232ffff	Private Memory	-	-	-
private_0x0000000002140000	0x02140000	0x0227ffff	Private Memory	-	-	-
private_0x0000000002140000	0x02140000	0x0223ffff	Private Memory	-	-	-
private_0x0000000002240000	0x02240000	0x0227ffff	Private Memory	-	-	-
private_0x0000000002320000	0x02320000	0x0232ffff	Private Memory	-	-	-
private_0x0000000002410000	0x02410000	0x0250ffff	Private Memory	-	-	-
wbemdisp.dll	0x6f9a0000	0x6f9d0fff	Memory Mapped File	-	-	-
scrobj.dll	0x6f9e0000	0x6fa0cfff	Memory Mapped File	-	-	-
wshext.dll	0x6fa10000	0x6fa25fff	Memory Mapped File	-	-	-
vbscript.dll	0x6fa50000	0x6fabafff	Memory Mapped File	-	-	-
msisip.dll	0x6fad0000	0x6fad7fff	Memory Mapped File	-	-	-
wmiutils.dll	0x709f0000	0x70a06fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70ae0000	0x70aeefff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x70f40000	0x70f9bfff	Memory Mapped File	-	-	-
comctl32.dll	0x72c00000	0x72c83fff	Memory Mapped File	-	-	-
dwmapi.dll	0x73c60000	0x73c72fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73f90000	0x73fcffff	Memory Mapped File	-	-	-
version.dll	0x74680000	0x74688fff	Memory Mapped File	-	-	-
rsaenh.dll	0x749a0000	0x749dafff	Memory Mapped File	-	-	-
cryptsp.dll	0x74c00000	0x74c15fff	Memory Mapped File	-	-	-
cryptbase.dll	0x75080000	0x7508bfff	Memory Mapped File	-	-	-
sxs.dll	0x75090000	0x750eefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x75120000	0x7512dfff	Memory Mapped File	-	-	-
msasn1.dll	0x751a0000	0x751abfff	Memory Mapped File	-	-	-
crypt32.dll	0x751b0000	0x752ccfff	Memory Mapped File	-	-	-
wintrust.dll	0x752d0000	0x752fcfff	Memory Mapped File	-	-	-
kernelbase.dll	0x753e0000	0x75429fff	Memory Mapped File	-	-	-
shlwapi.dll	0x75480000	0x754d6fff	Memory Mapped File	-	-	-
sechost.dll	0x754f0000	0x75508fff	Memory Mapped File	-	-	-
oleaut32.dll	0x75510000	0x7559efff	Memory Mapped File	-	-	-
kernel32.dll	0x755a0000	0x75673fff	Memory Mapped File	-	-	-
user32.dll	0x75880000	0x75948fff	Memory Mapped File	-	-	-
usp10.dll	0x75950000	0x759ecfff	Memory Mapped File	-	-	-
ole32.dll	0x75c90000	0x75debfff	Memory Mapped File	-	-	-
advapi32.dll	0x75df0000	0x75e8ffff	Memory Mapped File	-	-	-
gdi32.dll	0x75ec0000	0x75f0dfff	Memory Mapped File	-	-	-
lpk.dll	0x75f10000	0x75f19fff	Memory Mapped File	-	-	-
clbcatq.dll	0x76060000	0x760e2fff	Memory Mapped File	-	-	-
nsi.dll	0x76100000	0x76105fff	Memory Mapped File	-	-	-
msvcrt.dll	0x76110000	0x761bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x761c0000	0x76260fff	Memory Mapped File	-	-	-
shell32.dll	0x76350000	0x76f99fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76fa0000	0x76fd4fff	Memory Mapped File	-	-	-
ntdll.dll	0x76fe0000	0x7711bfff	Memory Mapped File	-	-	-
imm32.dll	0x77120000	0x7713efff	Memory Mapped File	-	-	-
msctf.dll	0x77140000	0x7720bfff	Memory Mapped File	-	-	-
apisetschema.dll	0x77220000	0x77220fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x15c

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 1627-02-05 14:07:09 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 32604	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0xec0000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755f24c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 132, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 132, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 132, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x755f4157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 89, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 89, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 208, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 208, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x75c90000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x75cd9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 32651	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, protection = PAGE_READONLY, maximum_size = 281	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x75e12102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x75e13352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x75e13825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive3549377093237930864.vbs, size = 281, size_out = 281	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x75cd6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x75c9cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x75dfca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x75c9c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0x574

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 1057568		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 1057568		1	Fn

Process #37: cmd.exe

Information	Value
ID	#37
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs
Initial Working Directory	C:\Windows\system32\
Monitor	Start Time: 00:02:06, Reason: Child Process
Unmonitor	End Time: 00:02:07, Reason: Self Terminated
Monitor Duration	00:00:01

OS Process Information

Information	Value
PID	0x7a0
Parent PID	0x290 (c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 784

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000050000	0x00050000	0x00056fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000060000	0x00060000	0x00061fff	Pagefile Backed Memory	-	-	-
private_0x0000000000070000	0x00070000	0x00070fff	Private Memory	-	-	-
private_0x0000000000080000	0x00080000	0x00080fff	Private Memory	-	-	-
cscript.exe.mui	0x00090000	0x00092fff	Memory Mapped File	-	-	-
private_0x00000000000b0000	0x000b0000	0x001affff	Private Memory	-	-	-
cscript.exe	0x001b0000	0x001d1fff	Memory Mapped File	-	-	-
private_0x00000000001f0000	0x001f0000	0x002effff	Private Memory	-	-	-
locale.nls	0x002f0000	0x00356fff	Memory Mapped File	-	-	-
pagefile_0x0000000000360000	0x00360000	0x00427fff	Pagefile Backed Memory	-	-	-
private_0x0000000000510000	0x00510000	0x0051ffff	Private Memory	-	-	-
pagefile_0x0000000000520000	0x00520000	0x00620fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000630000	0x00630000	0x0122ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001230000	0x01230000	0x014bafff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x014c0000	0x0178efff	Memory Mapped File	-	-	-
cmd.exe	0x4a540000	0x4a58bfff	Memory Mapped File	-	-	-
winbrand.dll	0x738d0000	0x738d6fff	Memory Mapped File	-	-	-
kernelbase.dll	0x753e0000	0x75429fff	Memory Mapped File	-	-	-
kernel32.dll	0x755a0000	0x75673fff	Memory Mapped File	-	-	-
user32.dll	0x75880000	0x75948fff	Memory Mapped File	-	-	-
usp10.dll	0x75950000	0x759ecfff	Memory Mapped File	-	-	-
gdi32.dll	0x75ec0000	0x75f0dfff	Memory Mapped File	-	-	-
lpk.dll	0x75f10000	0x75f19fff	Memory Mapped File	-	-	-
msvcrt.dll	0x76110000	0x761bbfff	Memory Mapped File	-	-	-
ntdll.dll	0x76fe0000	0x7711bfff	Memory Mapped File	-	-	-
imm32.dll	0x77120000	0x7713efff	Memory Mapped File	-	-	-
msctf.dll	0x77140000	0x7720bfff	Memory Mapped File	-	-	-
apisetschema.dll	0x77220000	0x77220fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x784

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 1627-02-05 14:07:11 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 34585	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x4a540000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755f24c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Windows\system32, type = file_attributes	1	Fn
File	Get Info	filename = C:\Windows\System32, type = file_attributes	1	Fn
Environment	Set Environment String	name = =C:, value = C:\Windows\System32	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x755dac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x755e3ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x755f2732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0x718, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #38: cscript.exe

Information	Value
ID	#38
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs
Initial Working Directory	C:\Windows\system32\
Monitor	Start Time: 00:02:06, Reason: Child Process
Unmonitor	End Time: 00:02:07, Reason: Self Terminated
Monitor Duration	00:00:01

OS Process Information

Information	Value
PID	0x718
Parent PID	0x7a0 (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 790 0x 274 0x 544 0x 74C 0x 768 0x 564 0x 638 0x 6D0

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00040000	0x000a6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000b0000	0x000b0000	0x000b6fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x000c1fff	Pagefile Backed Memory	-	-	-
cscript.exe.mui	0x000d0000	0x000d2fff	Memory Mapped File	-	-	-
private_0x00000000000e0000	0x000e0000	0x000e0fff	Private Memory	-	-	-
private_0x00000000000f0000	0x000f0000	0x000f0fff	Private Memory	-	-	-
private_0x0000000000100000	0x00100000	0x001fffff	Private Memory	-	-	-
rpcss.dll	0x00200000	0x0025bfff	Memory Mapped File	-	-	-
cscript.exe	0x00200000	0x0020bfff	Memory Mapped File	-	-	-
pagefile_0x0000000000210000	0x00210000	0x00210fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000220000	0x00220000	0x00220fff	Pagefile Backed Memory	-	-	-
retrive7366168634408503799.vbs	0x00230000	0x00230fff	Memory Mapped File	-	-	-
rsaenh.dll	0x00230000	0x0026bfff	Memory Mapped File	-	-	-
private_0x0000000000230000	0x00230000	0x0023ffff	Private Memory	-	-	-
retrive7366168634408503799.vbs	0x00240000	0x00240fff	Memory Mapped File	r		... Region Actions Download Dump
wbemdisp.tlb	0x00240000	0x0024efff	Memory Mapped File	-	-	-
private_0x0000000000270000	0x00270000	0x0027ffff	Private Memory	-	-	-
private_0x00000000002a0000	0x002a0000	0x0039ffff	Private Memory	-	-	-
pagefile_0x00000000003a0000	0x003a0000	0x00467fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000470000	0x00470000	0x00570fff	Pagefile Backed Memory	-	-	-
private_0x0000000000580000	0x00580000	0x006affff	Private Memory	-	-	-
pagefile_0x0000000000580000	0x00580000	0x0065efff	Pagefile Backed Memory	-	-	-
private_0x0000000000670000	0x00670000	0x006affff	Private Memory	-	-	-
private_0x0000000000770000	0x00770000	0x0086ffff	Private Memory	-	-	-
cscript.exe	0x00870000	0x00891fff	Memory Mapped File	-	-	-
pagefile_0x00000000008a0000	0x008a0000	0x0149ffff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x014a0000	0x0176efff	Memory Mapped File	-	-	-
private_0x0000000001780000	0x01780000	0x0187ffff	Private Memory	-	-	-
private_0x0000000001960000	0x01960000	0x01a5ffff	Private Memory	-	-	-
private_0x0000000001ad0000	0x01ad0000	0x01bcffff	Private Memory	-	-	-
pagefile_0x0000000001bd0000	0x01bd0000	0x01fcffff	Pagefile Backed Memory	-	-	-
private_0x0000000001fd0000	0x01fd0000	0x020bffff	Private Memory	-	-	-
private_0x00000000020c0000	0x020c0000	0x021bffff	Private Memory	-	-	-
private_0x00000000021c0000	0x021c0000	0x022affff	Private Memory	-	-	-
private_0x00000000022b0000	0x022b0000	0x0241ffff	Private Memory	-	-	-
private_0x0000000002420000	0x02420000	0x0251ffff	Private Memory	-	-	-
private_0x0000000002580000	0x02580000	0x0267ffff	Private Memory	-	-	-
private_0x0000000002820000	0x02820000	0x0291ffff	Private Memory	-	-	-
wmiutils.dll	0x709f0000	0x70a06fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70ae0000	0x70aeefff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x70f40000	0x70f9bfff	Memory Mapped File	-	-	-
wbemdisp.dll	0x72780000	0x727b0fff	Memory Mapped File	-	-	-
scrobj.dll	0x727c0000	0x727ecfff	Memory Mapped File	-	-	-
comctl32.dll	0x727f0000	0x72873fff	Memory Mapped File	-	-	-
wshext.dll	0x72c00000	0x72c15fff	Memory Mapped File	-	-	-
vbscript.dll	0x72c20000	0x72c8afff	Memory Mapped File	-	-	-
msisip.dll	0x738c0000	0x738c7fff	Memory Mapped File	-	-	-
dwmapi.dll	0x73c60000	0x73c72fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73f90000	0x73fcffff	Memory Mapped File	-	-	-
version.dll	0x74680000	0x74688fff	Memory Mapped File	-	-	-
rsaenh.dll	0x749a0000	0x749dafff	Memory Mapped File	-	-	-
cryptsp.dll	0x74c00000	0x74c15fff	Memory Mapped File	-	-	-
cryptbase.dll	0x75080000	0x7508bfff	Memory Mapped File	-	-	-
sxs.dll	0x75090000	0x750eefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x75120000	0x7512dfff	Memory Mapped File	-	-	-
msasn1.dll	0x751a0000	0x751abfff	Memory Mapped File	-	-	-
crypt32.dll	0x751b0000	0x752ccfff	Memory Mapped File	-	-	-
wintrust.dll	0x752d0000	0x752fcfff	Memory Mapped File	-	-	-
kernelbase.dll	0x753e0000	0x75429fff	Memory Mapped File	-	-	-
shlwapi.dll	0x75480000	0x754d6fff	Memory Mapped File	-	-	-
sechost.dll	0x754f0000	0x75508fff	Memory Mapped File	-	-	-
oleaut32.dll	0x75510000	0x7559efff	Memory Mapped File	-	-	-
kernel32.dll	0x755a0000	0x75673fff	Memory Mapped File	-	-	-
user32.dll	0x75880000	0x75948fff	Memory Mapped File	-	-	-
usp10.dll	0x75950000	0x759ecfff	Memory Mapped File	-	-	-
ole32.dll	0x75c90000	0x75debfff	Memory Mapped File	-	-	-
advapi32.dll	0x75df0000	0x75e8ffff	Memory Mapped File	-	-	-
gdi32.dll	0x75ec0000	0x75f0dfff	Memory Mapped File	-	-	-
lpk.dll	0x75f10000	0x75f19fff	Memory Mapped File	-	-	-
clbcatq.dll	0x76060000	0x760e2fff	Memory Mapped File	-	-	-
nsi.dll	0x76100000	0x76105fff	Memory Mapped File	-	-	-
msvcrt.dll	0x76110000	0x761bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x761c0000	0x76260fff	Memory Mapped File	-	-	-
shell32.dll	0x76350000	0x76f99fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76fa0000	0x76fd4fff	Memory Mapped File	-	-	-
ntdll.dll	0x76fe0000	0x7711bfff	Memory Mapped File	-	-	-
imm32.dll	0x77120000	0x7713efff	Memory Mapped File	-	-	-
msctf.dll	0x77140000	0x7720bfff	Memory Mapped File	-	-	-
apisetschema.dll	0x77220000	0x77220fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd5000	0x7ffd5000	0x7ffd5fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x790

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 1627-02-05 14:07:11 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 34647	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0x870000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755f24c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 228, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 228, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 228, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x755f4157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 148, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 148, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 48, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 48, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x75c90000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x75cd9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 34694	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs, protection = PAGE_READONLY, maximum_size = 276	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x75e12102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x75e13352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x75e13825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive7366168634408503799.vbs, size = 276, size_out = 276	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x75cd6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x75c9cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x75dfca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x75c9c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0x544

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 2564896		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 2564896		1	Fn

Process #39: cmd.exe

Information	Value
ID	#39
File Name	c:\windows\system32\cmd.exe
Command Line	cmd.exe /C cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs
Initial Working Directory	C:\Windows\system32\
Monitor	Start Time: 00:02:06, Reason: Child Process
Unmonitor	End Time: 00:02:08, Reason: Self Terminated
Monitor Duration	00:00:02

OS Process Information

Information	Value
PID	0x624
Parent PID	0x290 (c:\users\2xc7u663gxwc\appdata\roaming\oracle\bin\java.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 5D8

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000040000	0x00040000	0x00040fff	Pagefile Backed Memory	-	-	-
locale.nls	0x00050000	0x000b6fff	Memory Mapped File	-	-	-
pagefile_0x00000000000c0000	0x000c0000	0x00187fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000190000	0x00190000	0x00196fff	Pagefile Backed Memory	-	-	-
pagefile_0x00000000001a0000	0x001a0000	0x001a1fff	Pagefile Backed Memory	-	-	-
private_0x00000000001b0000	0x001b0000	0x001b0fff	Private Memory	-	-	-
private_0x00000000001c0000	0x001c0000	0x001c0fff	Private Memory	-	-	-
cscript.exe.mui	0x001d0000	0x001d2fff	Memory Mapped File	-	-	-
private_0x00000000001e0000	0x001e0000	0x002dffff	Private Memory	-	-	-
cscript.exe	0x002e0000	0x00301fff	Memory Mapped File	-	-	-
private_0x0000000000390000	0x00390000	0x0048ffff	Private Memory	-	-	-
pagefile_0x0000000000490000	0x00490000	0x00590fff	Pagefile Backed Memory	-	-	-
private_0x0000000000650000	0x00650000	0x0065ffff	Private Memory	-	-	-
pagefile_0x0000000000660000	0x00660000	0x0125ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000001260000	0x01260000	0x014eafff	Pagefile Backed Memory	-	-	-
sortdefault.nls	0x014f0000	0x017befff	Memory Mapped File	-	-	-
cmd.exe	0x4a540000	0x4a58bfff	Memory Mapped File	-	-	-
winbrand.dll	0x738c0000	0x738c6fff	Memory Mapped File	-	-	-
kernelbase.dll	0x753e0000	0x75429fff	Memory Mapped File	-	-	-
kernel32.dll	0x755a0000	0x75673fff	Memory Mapped File	-	-	-
user32.dll	0x75880000	0x75948fff	Memory Mapped File	-	-	-
usp10.dll	0x75950000	0x759ecfff	Memory Mapped File	-	-	-
gdi32.dll	0x75ec0000	0x75f0dfff	Memory Mapped File	-	-	-
lpk.dll	0x75f10000	0x75f19fff	Memory Mapped File	-	-	-
msvcrt.dll	0x76110000	0x761bbfff	Memory Mapped File	-	-	-
ntdll.dll	0x76fe0000	0x7711bfff	Memory Mapped File	-	-	-
imm32.dll	0x77120000	0x7713efff	Memory Mapped File	-	-	-
msctf.dll	0x77140000	0x7720bfff	Memory Mapped File	-	-	-
apisetschema.dll	0x77220000	0x77220fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x5d8

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 34944	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cmd.exe, base_address = 0x4a540000	1	Fn
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755f24c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn
Environment	Get Environment String	-	2	Fn Data
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE	1	Fn
Module	Get Filename	process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Environment	Get Environment String	name = PROMPT	1	Fn
Environment	Set Environment String	name = PROMPT, value = $P$G	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Environment	Get Environment String	name = KEYS	1	Fn
File	Get Info	filename = C:\Windows\system32, type = file_attributes	1	Fn
File	Get Info	filename = C:\Windows\System32, type = file_attributes	1	Fn
Environment	Set Environment String	name = =C:, value = C:\Windows\System32	1	Fn
Environment	Get Environment String	-	1	Fn Data
Module	Get Handle	module_name = c:\windows\system32\kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x755dac6c	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x755e3ea8	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x755f2732	1	Fn
File	Get Info	filename = cscript.exe, type = file_attributes	1	Fn
Environment	Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Environment	Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	1	Fn
Process	Create	process_name = C:\Windows\system32\cscript.exe, os_pid = 0x640, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL	1	Fn
Environment	Set Environment String	name = COPYCMD	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Environment	Get Environment String	-	1	Fn Data
Environment	Set Environment String	name = =ExitCodeAscii	1	Fn
Environment	Get Environment String	-	1	Fn Data
File	Open	filename = STD_OUTPUT_HANDLE	2	Fn
File	Open	filename = STD_INPUT_HANDLE	1	Fn

Process #40: cscript.exe

Information	Value
ID	#40
File Name	c:\windows\system32\cscript.exe
Command Line	cscript.exe C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs
Initial Working Directory	C:\Windows\system32\
Monitor	Start Time: 00:02:06, Reason: Child Process
Unmonitor	End Time: 00:02:08, Reason: Self Terminated
Monitor Duration	00:00:02

OS Process Information

Information	Value
PID	0x640
Parent PID	0x624 (c:\windows\system32\cmd.exe)
Is Created or Modified Executable
Integrity Level	Medium
Username	ZGW5TDPU\2XC7u663GxWc
Enabled Privileges	SeChangeNotifyPrivilege
Thread IDs	0x 230 0x 76C 0x 774 0x 778 0x 15C 0x 188 0x 318 0x 6B0

Region

Name	Start VA	End VA	Type	Permissions	Dumped	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	-	-	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000030000	0x00030000	0x00033fff	Pagefile Backed Memory	-	-	-
cscript.exe	0x00040000	0x00061fff	Memory Mapped File	-	-	-
pagefile_0x0000000000070000	0x00070000	0x00076fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000080000	0x00080000	0x00081fff	Pagefile Backed Memory	-	-	-
private_0x0000000000090000	0x00090000	0x0018ffff	Private Memory	-	-	-
locale.nls	0x00190000	0x001f6fff	Memory Mapped File	-	-	-
cscript.exe.mui	0x00200000	0x00202fff	Memory Mapped File	-	-	-
private_0x0000000000210000	0x00210000	0x00210fff	Private Memory	-	-	-
private_0x0000000000220000	0x00220000	0x00220fff	Private Memory	-	-	-
rpcss.dll	0x00230000	0x0028bfff	Memory Mapped File	-	-	-
cscript.exe	0x00230000	0x0023bfff	Memory Mapped File	-	-	-
pagefile_0x0000000000240000	0x00240000	0x00240fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000250000	0x00250000	0x00250fff	Pagefile Backed Memory	-	-	-
retrive1162148989861803484.vbs	0x00260000	0x00260fff	Memory Mapped File	-	-	-
rsaenh.dll	0x00260000	0x0029bfff	Memory Mapped File	-	-	-
private_0x0000000000260000	0x00260000	0x0026ffff	Private Memory	-	-	-
retrive1162148989861803484.vbs	0x00270000	0x00270fff	Memory Mapped File	r		... Region Actions Download Dump
wbemdisp.tlb	0x00270000	0x0027efff	Memory Mapped File	-	-	-
private_0x00000000002a0000	0x002a0000	0x0039ffff	Private Memory	-	-	-
pagefile_0x00000000003a0000	0x003a0000	0x00467fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000470000	0x00470000	0x0054efff	Pagefile Backed Memory	-	-	-
private_0x0000000000570000	0x00570000	0x0057ffff	Private Memory	-	-	-
pagefile_0x0000000000580000	0x00580000	0x00680fff	Pagefile Backed Memory	-	-	-
pagefile_0x0000000000690000	0x00690000	0x0128ffff	Pagefile Backed Memory	-	-	-
private_0x0000000001290000	0x01290000	0x0143ffff	Private Memory	-	-	-
private_0x00000000012c0000	0x012c0000	0x013bffff	Private Memory	-	-	-
private_0x0000000001400000	0x01400000	0x0143ffff	Private Memory	-	-	-
private_0x0000000001490000	0x01490000	0x0158ffff	Private Memory	-	-	-
sortdefault.nls	0x01590000	0x0185efff	Memory Mapped File	-	-	-
private_0x00000000018e0000	0x018e0000	0x019dffff	Private Memory	-	-	-
pagefile_0x00000000019e0000	0x019e0000	0x01ddffff	Pagefile Backed Memory	-	-	-
private_0x0000000001ed0000	0x01ed0000	0x01fcffff	Private Memory	-	-	-
private_0x0000000001fd0000	0x01fd0000	0x0214ffff	Private Memory	-	-	-
private_0x0000000001fd0000	0x01fd0000	0x020cffff	Private Memory	-	-	-
private_0x0000000002140000	0x02140000	0x0214ffff	Private Memory	-	-	-
private_0x0000000002150000	0x02150000	0x0226ffff	Private Memory	-	-	-
private_0x0000000002270000	0x02270000	0x0247ffff	Private Memory	-	-	-
private_0x0000000002270000	0x02270000	0x0236ffff	Private Memory	-	-	-
private_0x0000000002440000	0x02440000	0x0247ffff	Private Memory	-	-	-
private_0x0000000002570000	0x02570000	0x0266ffff	Private Memory	-	-	-
private_0x00000000027e0000	0x027e0000	0x028dffff	Private Memory	-	-	-
wmiutils.dll	0x709f0000	0x70a06fff	Memory Mapped File	-	-	-
wbemsvc.dll	0x70ae0000	0x70aeefff	Memory Mapped File	-	-	-
wbemprox.dll	0x70d40000	0x70d49fff	Memory Mapped File	-	-	-
ntdsapi.dll	0x70d50000	0x70d67fff	Memory Mapped File	-	-	-
fastprox.dll	0x70d70000	0x70e05fff	Memory Mapped File	-	-	-
wbemcomn.dll	0x70f40000	0x70f9bfff	Memory Mapped File	-	-	-
comctl32.dll	0x72780000	0x72803fff	Memory Mapped File	-	-	-
vbscript.dll	0x72810000	0x7287afff	Memory Mapped File	-	-	-
wbemdisp.dll	0x72c00000	0x72c30fff	Memory Mapped File	-	-	-
scrobj.dll	0x72c40000	0x72c6cfff	Memory Mapped File	-	-	-
wshext.dll	0x72c70000	0x72c85fff	Memory Mapped File	-	-	-
msisip.dll	0x738d0000	0x738d7fff	Memory Mapped File	-	-	-
dwmapi.dll	0x73c60000	0x73c72fff	Memory Mapped File	-	-	-
uxtheme.dll	0x73f90000	0x73fcffff	Memory Mapped File	-	-	-
version.dll	0x74680000	0x74688fff	Memory Mapped File	-	-	-
rsaenh.dll	0x749a0000	0x749dafff	Memory Mapped File	-	-	-
cryptsp.dll	0x74c00000	0x74c15fff	Memory Mapped File	-	-	-
cryptbase.dll	0x75080000	0x7508bfff	Memory Mapped File	-	-	-
sxs.dll	0x75090000	0x750eefff	Memory Mapped File	-	-	-
rpcrtremote.dll	0x75120000	0x7512dfff	Memory Mapped File	-	-	-
msasn1.dll	0x751a0000	0x751abfff	Memory Mapped File	-	-	-
crypt32.dll	0x751b0000	0x752ccfff	Memory Mapped File	-	-	-
wintrust.dll	0x752d0000	0x752fcfff	Memory Mapped File	-	-	-
kernelbase.dll	0x753e0000	0x75429fff	Memory Mapped File	-	-	-
shlwapi.dll	0x75480000	0x754d6fff	Memory Mapped File	-	-	-
sechost.dll	0x754f0000	0x75508fff	Memory Mapped File	-	-	-
oleaut32.dll	0x75510000	0x7559efff	Memory Mapped File	-	-	-
kernel32.dll	0x755a0000	0x75673fff	Memory Mapped File	-	-	-
user32.dll	0x75880000	0x75948fff	Memory Mapped File	-	-	-
usp10.dll	0x75950000	0x759ecfff	Memory Mapped File	-	-	-
ole32.dll	0x75c90000	0x75debfff	Memory Mapped File	-	-	-
advapi32.dll	0x75df0000	0x75e8ffff	Memory Mapped File	-	-	-
gdi32.dll	0x75ec0000	0x75f0dfff	Memory Mapped File	-	-	-
lpk.dll	0x75f10000	0x75f19fff	Memory Mapped File	-	-	-
clbcatq.dll	0x76060000	0x760e2fff	Memory Mapped File	-	-	-
nsi.dll	0x76100000	0x76105fff	Memory Mapped File	-	-	-
msvcrt.dll	0x76110000	0x761bbfff	Memory Mapped File	-	-	-
rpcrt4.dll	0x761c0000	0x76260fff	Memory Mapped File	-	-	-
shell32.dll	0x76350000	0x76f99fff	Memory Mapped File	-	-	-
ws2_32.dll	0x76fa0000	0x76fd4fff	Memory Mapped File	-	-	-
ntdll.dll	0x76fe0000	0x7711bfff	Memory Mapped File	-	-	-
imm32.dll	0x77120000	0x7713efff	Memory Mapped File	-	-	-
msctf.dll	0x77140000	0x7720bfff	Memory Mapped File	-	-	-
apisetschema.dll	0x77220000	0x77220fff	Memory Mapped File	-	-	-
pagefile_0x000000007f6f0000	0x7f6f0000	0x7f7effff	Pagefile Backed Memory	-	-	-
pagefile_0x000000007ffb0000	0x7ffb0000	0x7ffd2fff	Pagefile Backed Memory	-	-	-
private_0x000000007ffd7000	0x7ffd7000	0x7ffd7fff	Private Memory	-	-	-
private_0x000000007ffd8000	0x7ffd8000	0x7ffd8fff	Private Memory	-	-	-
private_0x000000007ffd9000	0x7ffd9000	0x7ffd9fff	Private Memory	-	-	-
private_0x000000007ffda000	0x7ffda000	0x7ffdafff	Private Memory	-	-	-
private_0x000000007ffdb000	0x7ffdb000	0x7ffdbfff	Private Memory	-	-	-
private_0x000000007ffdc000	0x7ffdc000	0x7ffdcfff	Private Memory	-	-	-
private_0x000000007ffdd000	0x7ffdd000	0x7ffddfff	Private Memory	-	-	-
private_0x000000007ffde000	0x7ffde000	0x7ffdefff	Private Memory	-	-	-
private_0x000000007ffdf000	0x7ffdf000	0x7ffdffff	Private Memory	-	-	-

Threads

Thread 0x230

Category	Operation	Information	Count	Logfile
System	Get Time	type = System Time, time = 1627-02-05 14:07:12 (UTC)	1	Fn
System	Get Time	type = Ticks, time = 34991	1	Fn
Module	Get Handle	module_name = c:\windows\system32\cscript.exe, base_address = 0x40000	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x755f24c2	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 116, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 116, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 116, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE	1	Fn
Module	Load	module_name = kernel32.dll, base_address = 0x755a0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x755f4157	1	Fn
Module	Get Filename	module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE	1	Fn
Registry	Open Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 67, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 67, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Registry	Create Key	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 192, type = REG_NONE	1	Fn
Registry	Read Value	reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
File	Open	filename = STD_OUTPUT_HANDLE	1	Fn
File	Write	filename = STD_OUTPUT_HANDLE, size = 108	1	Fn Data
System	Sleep	duration = -1 (infinite)	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\.vbs	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ	1	Fn
Registry	Open Key	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	1	Fn
Registry	Read Value	reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ	1	Fn
COM	Create	interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
Module	Load	module_name = ole32.dll, base_address = 0x75c90000	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x75cd9d0b	1	Fn
COM	Create	interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Time	type = Ticks, time = 35037	1	Fn
File	Create	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, type = size	1	Fn
Module	Create Mapping	module_name = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, protection = PAGE_READONLY, maximum_size = 281	1	Fn
Module	Map	C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ	1	Fn
Module	Unmap	process_name = c:\windows\system32\cscript.exe	1	Fn
System	Get Info	type = System Directory	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x75e12102	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x75e13352	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x75e13825	1	Fn
System	Get Info	type = Operating System	1	Fn
File	Get Info	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, type = size	1	Fn
File	Read	filename = C:\Users\2XC7U6~1\AppData\Local\Temp\Retrive1162148989861803484.vbs, size = 281, size_out = 281	1	Fn Data
COM	Create	interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER	1	Fn
System	Get Info	type = Operating System	1	Fn
System	Get Info	type = Hardware Information	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x75cd6d2c	1	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x75c9cea9	1	Fn
System	Get Info	type = Operating System	1	Fn
Registry	Open Key	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting	1	Fn
Registry	Read Value	reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3	1	Fn
System	Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Module	Load	module_name = C:\Windows\system32\advapi32.dll, base_address = 0x75df0000	1	Fn
Module	Get Address	module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x75dfca24	1	Fn
COM	Create	interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER	1	Fn
COM	Create	interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER	5	Fn
Module	Get Address	module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x75c9c6a7	1	Fn
System	Sleep	duration = -1 (infinite)	1	Fn

Thread 0x774

Category	Operation	Information	Success	Count	Logfile
Window	Create	class_name = WSH-Timer, wndproc_parameter = 5710624		1	Fn
Window	Set Attribute	class_name = WSH-Timer, index = 18446744073709551595, new_long = 5710624		1	Fn

Notifications (2/2)

Monitored Processes

Behavior Information - Sequential View

Before

After