Report #8424 check_circle

  • Creation Date: March 3, 2020, 4:30 p.m.
  • Last Update: March 3, 2020, 7:59 p.m.
  • File: Comprovante.pdf.zip.exe
  • Results:
Binary
DLL
False cancel
Size
1.16MB
trid
51.0% Win32 EXE PECompact compressed
17.4% Win32 Executable Delphi generic
16.0% Windows screen saver
5.5% Win32 Executable
2.5% Win16/32 Executable Delphi generic
type
PE
wordsize
32
Subsystem
Windows GUI
Hashes
md5
9a51e80fcb57c52e9a25a17a62b305fd
sha1
653254fac0897b7db2cd5388226d05e00ee8741e
crc32
0xc23a89e6
sha224
875631272bad78bd09a8bff3d51ffbe4fc87229b313ace658c254aa7
sha256
d4f23b8edc0328f2a4291e0a20eefe98768c8266a728d5253ea2069ee6b3ab24
sha384
cfdadfd7a1a2192b02427af36d32e74dc841a72abc24d3507f73dca78cf9deca7fc5c5aae2a5b5c98dfdc5490f9ee85c
sha512
f6f3db8fd7bad82dd0b9d0d1493e6eb64cd914fe82ea8bdc6d0fcb210b46bf65ca98372b51e7fe205bd3a27a87e94bc85523940808e08d019ff7e75d34f5197b
ssdeep
12288:sxuZs/smowBJ9wMGb4rT1wVGBmuie2tAQD9f+kY3MBA6888888888888W888888q:u/smZX88TmGBmuFJO9+kY3JO
Community
Google
False cancel
HashLib
False cancel
YARA
Matches
domain, Borland, CRC32b_poly_Constant, network_dropper, CRC32_poly_Constant, BASE64_table, RIPEMD160_Constants, borland_delphi, Delphi_RandomRange, CRC32_table, Microsoft_Visual_Cpp_v50v60_MFC, win_files_operation, IsPE32, WMI_strings, contentis_base64, IP, win_mutex, Delphi_Random, IsWindowsGUI, inject_thread, anti_dbg, SHA1_Constants, win_registry, MD5_Constants, Big_Numbers3

Suspicious
True check_circle

Strings
List
t.Ht
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbWavPack.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfBase.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfXlat.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfDec.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfEnc.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfEnc.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfEnc.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfStrm.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfStrm.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfStrm.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfStrm.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfStrm.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbZipTyp.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfStrm.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfStrm.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfStrm.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfStrm.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfStrm.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfBase.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfStrm.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfXlat.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfBase.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfHufD.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfHufD.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfHufD.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfHufD.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfCryS.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfInW.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfCryS.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfCryS.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfCryS.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfPkMg.pas
G:\Sistemas e Aplicativos\sources\final fantasy x\Novo Pro 2010\NOVA KLL REMOTO 2012\Projeto 2013 Full\Trabalhos\SourceEncryptLoader\CopileEncrypt\debug\source\AbDfCryS.pas
%s.Seek not implemented$Operation not allowed on sorted list$%s not in a class registration group
TAbDfDecodeHuffmanTree.Build: a code length is greater than %d
TAbDfDecryptStream.Read: the stream header has not been verified
TAbSpanWriteStream.Read unsupported
TAbSpanReadStream.Seek unsupported
TAbSpanWriteStream.Seek unsupported
Cannot load cabinet.dll
cabinet.dll
strings.txt{1
B.rsrc
TAbUnzipOutputStream.Read not supported
Software\Borland\Locales
Software\Borland\Delphi\Locales
ntdll.dll
FIsEncrypted
IsEncrypted
IsEncrypted
IsEncrypted
Stub must be an executable
ptDelete ptExtract ptFreshen
extracted
smDeflated
Compression Error %d
1.1H1a1{1
TAbLogger.Read: loggers are write-only, no reading allowed
1TabSlidingWindowStream.bsWriteChunk: write failed+TabSlidingWindowStream.Seek: invalid origin1TabSlidingWindowStream.Seek: invalid new position
TabSlidingWindowStream.Seek: invalid origin
TAbLogger.Seek: loggers are write-only, no seeking allowed
Count|FD
TabSlidingWindowStream.Seek: invalid new position
SELECT * FROM AntiVirusProduct
Thread Error: %s (%d)-Cannot terminate an externally created thread,Cannot wait for an externally created thread2Cannot call Start on a running or suspended thread The specified file was not found
no more compressed data in stream [TAbDfInBitStream.ReadBuffer]
no more compressed data in stream [TAbDfInBitStream.ReadBits]
no more compressed data in stream [TAbDfInBitStream.ReadBit]
Reserved3
8AbDfHufD
no more compressed data in stream [TAbDfInBitStream.DiscardBits]
no more compressed data in stream [TAbDfInBitStream.DiscardBits]
dwReserved0
can't allocate memory
Software\CodeGear\Locales
too many channels!
Bad process handle
Apartment
FTerminated
-Insert disk number %d of the spanned disk set*Cannot update an existing spanned disk set.Cannot make a self-extracting spanned disk set
added deleted
FCI file delete error
%s,Custom variant type (%s%.4x) is out of range/Custom variant type (%s%.4x) already used by %s*Custom variant type (%s%.4x) is not usable2Too many custom variant types have been registered5Could not convert variant of type (%s) into type (%s)=Overflow while converting variant of type (%s) into type (%s)
Division by zero
Delete
List
Delete
Count
Delete
Next
Count
Count
Delete
Count
Count
Count
Count
Delete
Count

Foremost
Matches
2381.zip, 20 KB, 0.exe, 1 MB
Suspicious
True check_circle
Heuristics
IPs
hasIPs: False cancel
Allowed
Suspicious
hasAllowed: False cancel
hasSuspicious: False cancel

URLs
Allowed
hasURLs: False cancel
Suspicious
hasAllowed: False cancel
hasSuspicious: False cancel

Files
Allowed: ole32.dll, Cannot load cabinet.dll, PSAPI.dll, USER32.DLL, kernel32.dll, oleaut32.dll, cabinet.dll, ntdll.dll, msvcrt.dll, URLMON.DLL, shell32.dll, advapi32.dll
hasFiles: True check_circle
Suspicious
hasAllowed: True check_circle
hasSuspicious: False cancel

Binary
Sizes
RVA
RVA: 16
Suspicious: False cancel
Code
Size: 532992
Suspicious: False cancel
Image
Address: 4194304
Suspicious: False cancel
Stack
Stack: 16384
Suspicious: False cancel
Headers
Headers: 1024
Suspicious: False cancel
Suspicious: False cancel

Symbols
Number
Number: 0
Suspicious: True check_circle
Pointer
Pointer: 0
Suspicious: True check_circle
Directories
Number: 16
Suspicious: False cancel

Checksum
Value: 0
Suspicous: True check_circle

Sections
Allowed: .text, .itext, .data, .bss, .idata, .tls, .rdata, .reloc, .rsrc
Suspicious
hasAllowed: True check_circle
hasSections: True check_circle
hasSuspicious: False cancel

Versions
OS
Version: 5
Suspicious: False cancel
Image
Version: True check_circle
Suspicious: 5
Linker
Version: 2.25
Suspicious: False cancel
Subsystem
Version: 5.0
Suspicious: False cancel
Suspicious: False cancel

EntryPoint
Address: 690232
Suspicious: False cancel

Anomalies
Anomalies: The header checksum and the calculated checksum do not match.
hasAnomalies: True check_circle

Libraries
Allowed: ole32.dll, psapi.dll, user32.dll, kernel32.dll, oleaut32.dll, cabinet.dll, ntdll.dll, msvcrt.dll, urlmon.dll, shell32.dll, advapi32.dll
hasLibs: True check_circle
Suspicious: cannot load cabinet.dll
hasAllowed: True check_circle
hasSuspicious: True check_circle

Timestamp
Past: False cancel
Valid: True check_circle
Value: 2015-04-10 23:25:38
Future: False cancel

Compilation
Packed: False cancel
Missing: True check_circle
Packers
Compiled: False cancel
Compilers

Obfuscation
XOR: False cancel
Fuzzing: True check_circle

PEDetector
Matches
None
Suspicious
False cancel
Disassembly
hasTricks
True check_circle
Tricks
pushret
.data: 1
.text: 20
.itext: 3

nopsequence
.itext: 1

pushpopmath
.data: 17
.rsrc: 7
.text: 15
.reloc: 51

ss register
.reloc: 2

garbagebytes
.data: 1
.text: 17
.itext: 3

hookdetection
.text: 2
.reloc: 4

software breakpoint
.text: 23
.reloc: 14

programcontrolflowchange
.data: 1
.text: 17
.itext: 3

cpuinstructionsresultscomparison
.rsrc: 18
.text: 9

AVclass
banload
1
VirusTotal
md5
9a51e80fcb57c52e9a25a17a62b305fd
sha1
653254fac0897b7db2cd5388226d05e00ee8741e
SCANS (DETECTION RATE = 56.06%)
AVG
result: Win32:GenMalicious-KFA [Trj]
update: 20190310
version: 18.4.3895.0
detected: True check_circle

CMC
update: 20190310
version: 1.1.0.977
detected: False cancel

MAX
result: malware (ai score=88)
update: 20190310
version: 2018.9.12.1
detected: True check_circle

Bkav
update: 20190308
version: 1.3.0.9899
detected: False cancel

K7GW
update: 20190310
version: 11.32.30234
detected: False cancel

ALYac
update: 20190310
version: 1.1.1.5
detected: False cancel

Avast
result: Win32:GenMalicious-KFA [Trj]
update: 20190310
version: 18.4.3895.0
detected: True check_circle

Avira
result: TR/Dldr.Delphi.Gen
update: 20190310
version: 8.3.3.8
detected: True check_circle

Baidu
update: 20190306
version: 1.0.0.2
detected: False cancel

Cyren
update: 20190310
version: 6.2.0.1
detected: False cancel

DrWeb
update: 20190310
version: 7.0.34.11020
detected: False cancel

GData
result: Gen:Trojan.Heur.DP.kLW@aOYNLqoO
update: 20190310
version: A:25.21040B:25.14572
detected: True check_circle

Panda
result: Trj/Genetic.gen
update: 20190310
version: 4.6.4.2
detected: True check_circle

VBA32
result: TrojanDownloader.Banload
update: 20190307
version: 4.0.0
detected: True check_circle

Zoner
update: 20190310
version: 1.0
detected: False cancel

ClamAV
update: 20190310
version: 0.101.1.0
detected: False cancel

Comodo
update: 20190310
version: 30548
detected: False cancel

F-Prot
update: 20190310
version: 4.7.1.166
detected: False cancel

McAfee
result: GenericRXCC-YZ!9A51E80FCB57
update: 20190310
version: 6.0.6.653
detected: True check_circle

Rising
result: Downloader.Banload!8.15B (CLOUD)
update: 20190310
version: 25.0.0.24
detected: True check_circle

Sophos
result: Mal/Behav-053
update: 20190310
version: 4.98.0
detected: True check_circle

Yandex
result: Trojan.DL.Banload!QPvJBFZWh3M
update: 20190310
version: 5.5.1.3
detected: True check_circle

Zillya
result: Downloader.Delf.Win32.44285
update: 20190307
version: 2.0.0.3768
detected: True check_circle

Acronis
update: 20190222
version: 1.0.1.40
detected: False cancel

Alibaba
update: 20190306
version: 0.2.0.3
detected: False cancel

Arcabit
result: Trojan.Heur.DP.E956D6
update: 20190310
version: 1.0.0.837
detected: True check_circle

Babable
update: 20180918
version: 9107201
detected: False cancel

Cylance
result: Unsafe
update: 20190310
version: 2.3.1.101
detected: True check_circle

TACHYON
update: 20190310
version: 2019-03-10.02
detected: False cancel

Tencent
result: Win32.Trojan-downloader.Banload.Hufh
update: 20190310
version: 1.0.0.1
detected: True check_circle

ViRobot
update: 20190310
version: 2014.3.20.0
detected: False cancel

eGambit
update: 20190310
version: v4.3.6
detected: False cancel

Ad-Aware
result: Gen:Trojan.Heur.DP.kLW@aOYNLqoO
update: 20190310
version: 3.0.5.370
detected: True check_circle

AegisLab
update: 20190310
version: 4.2
detected: False cancel

Emsisoft
result: Gen:Trojan.Heur.DP.kLW@aOYNLqoO (B)
update: 20190310
version: 2018.4.0.1029
detected: True check_circle

F-Secure
result: Trojan.TR/Dldr.Delphi.Gen
update: 20190310
version: 12.0.86.52
detected: True check_circle

Fortinet
result: W32/Banload.VMY!tr.dldr
update: 20190310
version: 5.4.247.0
detected: True check_circle

Invincea
result: heuristic
update: 20181128
version: 6.3.6.26157
detected: True check_circle

Jiangmin
result: TrojanDownloader.Delf.apbw
update: 20190310
version: 16.0.100
detected: True check_circle

Kingsoft
update: 20190310
version: 2013.8.14.323
detected: False cancel

Paloalto
result: generic.ml
update: 20190310
version: 1.0
detected: True check_circle

Trapmine
result: malicious.moderate.ml.score
update: 20190301
version: 3.1.48.748
detected: True check_circle

AhnLab-V3
result: Trojan/Win32.Gen.C860751
update: 20190310
version: 3.14.1.22785
detected: True check_circle

Antiy-AVL
result: Trojan[Downloader]/Win32.Delf
update: 20190310
version: 3.0.0.1
detected: True check_circle

Kaspersky
result: Trojan-Downloader.Win32.Banload.cwie
update: 20190310
version: 15.0.1.13
detected: True check_circle

Microsoft
result: TrojanDownloader:Win32/Banload
update: 20190307
version: 1.1.15700.9
detected: True check_circle

Qihoo-360
result: HEUR/QVM41.1.Malware.Gen
update: 20190310
version: 1.0.0.1120
detected: True check_circle

TheHacker
update: 20190308
version: 6.8.0.5.4056
detected: False cancel

Trustlook
update: 20190310
version: 1.0
detected: False cancel

ZoneAlarm
result: Trojan-Downloader.Win32.Banload.cwie
update: 20190310
version: 1.0
detected: True check_circle

Cybereason
result: malicious.fcb57c
update: 20190109
version: 1.2.27
detected: True check_circle

ESET-NOD32
result: Win32/TrojanDownloader.Banload.VMY
update: 20190310
version: 19003
detected: True check_circle

TrendMicro
update: 20190310
version: 10.0.0.1040
detected: False cancel

BitDefender
result: Gen:Trojan.Heur.DP.kLW@aOYNLqoO
update: 20190310
version: 7.2
detected: True check_circle

CrowdStrike
result: win/malicious_confidence_100% (D)
update: 20190212
version: 1.0
detected: True check_circle

K7AntiVirus
update: 20190310
version: 11.32.30234
detected: False cancel

SentinelOne
result: static engine - malicious
update: 20190203
version: 1.0.23.276
detected: True check_circle

Avast-Mobile
update: 20190310
version: 190310-00
detected: False cancel

Malwarebytes
update: 20190310
version: 2.1.1.1115
detected: False cancel

TotalDefense
update: 20190310
version: 37.1.62.1
detected: False cancel

CAT-QuickHeal
update: 20190310
version: 14.00
detected: False cancel

NANO-Antivirus
result: Trojan.Win32.Delphi.dqnssa
update: 20190310
version: 1.0.134.24576
detected: True check_circle

MicroWorld-eScan
result: Gen:Trojan.Heur.DP.kLW@aOYNLqoO
update: 20190310
version: 14.0.297.0
detected: True check_circle

SUPERAntiSpyware
update: 20190307
version: 5.6.0.1032
detected: False cancel

McAfee-GW-Edition
result: BehavesLike.Win32.PUPXEF.tm
update: 20190310
version: v2017.3010
detected: True check_circle

TrendMicro-HouseCall
update: 20190310
version: 10.0.0.1040
detected: False cancel

total
66
sha256
d4f23b8edc0328f2a4291e0a20eefe98768c8266a728d5253ea2069ee6b3ab24
scan_id
d4f23b8edc0328f2a4291e0a20eefe98768c8266a728d5253ea2069ee6b3ab24-1552237081
resource
9a51e80fcb57c52e9a25a17a62b305fd
positives
37
scan_date
2019-03-10 16:58:01
verbose_msg
Scan finished, information embedded
response_code
1
File
Trace
3/3/2020 - 18:45:43.668Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\Logs
3/3/2020 - 18:45:43.715Unknown1480C:\malware.exeC:\Windows\SysWOW64\wbem\Logs
3/3/2020 - 18:45:43.715Open1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
3/3/2020 - 18:45:43.715Open1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
3/3/2020 - 18:45:43.715Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemprox.dll
3/3/2020 - 18:45:43.715Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemprox.dll
3/3/2020 - 18:45:43.715Open1480C:\malware.exeC:\SXS.DLL
3/3/2020 - 18:45:43.715Open1480C:\malware.exeC:\Windows\SysWOW64\sxs.dll
3/3/2020 - 18:45:43.715Open1480C:\malware.exeC:\Windows\SysWOW64\sxs.dll
3/3/2020 - 18:45:43.715Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Open1480C:\malware.exeC:\Windows\Globalization\Sorting\SortDefault.nls
3/3/2020 - 18:45:43.715Unknown1480C:\malware.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:43.715Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\wmiutils.dll
3/3/2020 - 18:45:43.715Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\wmiutils.dll
3/3/2020 - 18:45:43.731Open1480C:\malware.exeC:\Windows\SysWOW64\nlaapi.dll
3/3/2020 - 18:45:43.731Open1480C:\malware.exeC:\Windows\SysWOW64\nlaapi.dll
3/3/2020 - 18:45:43.731Open1480C:\malware.exeC:\Windows\SysWOW64\NapiNSP.dll
3/3/2020 - 18:45:43.731Open1480C:\malware.exeC:\Windows\SysWOW64\NapiNSP.dll
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\pnrpnsp.dll
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\pnrpnsp.dll
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\mswsock.dll
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\mswsock.dll
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\DNSAPI.dll
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\dnsapi.dll
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\dnsapi.dll
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\winrnr.dll
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\winrnr.dll
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\IPHLPAPI.DLL
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\WINNSI.DLL
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\winnsi.dll
3/3/2020 - 18:45:43.809Open1480C:\malware.exeC:\Windows\SysWOW64\winnsi.dll
3/3/2020 - 18:45:43.872Open1480C:\malware.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
3/3/2020 - 18:45:43.872Open1480C:\malware.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
3/3/2020 - 18:45:43.965Open1480C:\malware.exeC:\rasadhlp.dll
3/3/2020 - 18:45:43.965Open1480C:\malware.exeC:\Windows\SysWOW64\rasadhlp.dll
3/3/2020 - 18:45:43.965Open1480C:\malware.exeC:\Windows\SysWOW64\rasadhlp.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\CRYPTSP.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\cryptsp.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\cryptsp.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\RpcRtRemote.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\RpcRtRemote.dll
3/3/2020 - 18:45:44.59Unknown1480C:\malware.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
3/3/2020 - 18:45:44.59Open1480C:\malware.exeC:\Windows\SysWOW64\RpcRtRemote.dll
3/3/2020 - 18:45:44.59Unknown1480C:\malware.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
3/3/2020 - 18:45:44.262Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemsvc.dll
3/3/2020 - 18:45:44.262Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemsvc.dll
3/3/2020 - 18:45:44.731Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\fastprox.dll
3/3/2020 - 18:45:44.731Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\fastprox.dll
3/3/2020 - 18:45:44.731Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\NTDSAPI.dll
3/3/2020 - 18:45:44.731Open1480C:\malware.exeC:\Windows\SysWOW64\ntdsapi.dll
3/3/2020 - 18:45:44.731Open1480C:\malware.exeC:\Windows\SysWOW64\ntdsapi.dll
3/3/2020 - 18:45:45.293Read1480C:\malware.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
3/3/2020 - 18:45:46.418Open1480C:\malware.exeC:\Monitor\Malware
3/3/2020 - 18:45:46.418Unknown1480C:\malware.exeC:\Monitor\Malware
3/3/2020 - 18:45:46.418Open1480C:\malware.exeC:\Monitor
3/3/2020 - 18:45:46.418Unknown1480C:\malware.exeC:\Monitor
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\PROPSYS.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\shell32.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\malware.exe.Local
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:46.465Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\WindowsShell.Manifest
3/3/2020 - 18:45:46.465Unknown1480C:\malware.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\apphelp.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\apphelp.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\apphelp.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\AppPatch\sysmain.sdb
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64
3/3/2020 - 18:45:46.465Unknown1480C:\malware.exeC:\Windows\SysWOW64
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\
3/3/2020 - 18:45:46.465Unknown1480C:\malware.exeC:\
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows
3/3/2020 - 18:45:46.465Unknown1480C:\malware.exeC:\Windows
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64
3/3/2020 - 18:45:46.465Unknown1480C:\malware.exeC:\Windows\SysWOW64
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64
3/3/2020 - 18:45:46.465Unknown1480C:\malware.exeC:\Windows\SysWOW64
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.465Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.481Read1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.481Unknown1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.481Unknown1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.481Unknown1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\malware.exe.Local
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:46.481Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\api-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.481Unknown1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.481Unknown1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.481Open1480C:\malware.exeC:\Monitor
3/3/2020 - 18:45:46.481Unknown1480C:\malware.exeC:\Monitor
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Windows\AppPatch\sysmain.sdb
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:46.497Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:46.497Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:46.497Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Read1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Windows\SysWOW64\shell32.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Windows\SysWOW64\shell32.dll
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Monitor\http:\www.mpdft.mp.br\portal\
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Monitor
3/3/2020 - 18:45:46.497Unknown1480C:\malware.exeC:\Monitor
3/3/2020 - 18:45:46.497Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:46.497Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:46.512Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\Secur32.dll
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\Windows\SysWOW64\secur32.dll
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\Windows\SysWOW64\secur32.dll
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:46.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\api-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.512Unknown1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.512Unknown1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\Windows\SysWOW64\winhttp.dll
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\Windows\SysWOW64\winhttp.dll
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\Windows\SysWOW64\webio.dll
3/3/2020 - 18:45:46.512Open1480C:\malware.exeC:\Windows\SysWOW64\webio.dll
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
3/3/2020 - 18:45:46.590Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pfIEXPLORE.EXE-908C99F8.pf
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\$EXTEND
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\$EXTEND
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\$EXTEND
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dll
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\KernelBase.dll
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\KernelBase.dllKernelBase.dll
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:46.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
3/3/2020 - 18:45:46.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\gdi32.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\gdi32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\lpk.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\lpk.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\usp10.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\usp10.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msvcrt.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msvcrt.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\advapi32.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\advapi32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcrt4.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcrt4.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shlwapi.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shlwapi.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\iertutil.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\iertutil.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\normaliz.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\normaliz.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msctf.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msctf.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ole32.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ole32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaut32.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaut32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\comdlg32.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\comdlg32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\urlmon.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\urlmon.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wininet.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wininet.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\userenv.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\userenv.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\profapi.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\profapi.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ws2_32.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ws2_32.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nsi.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nsi.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\clbcatq.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\clbcatq.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.606Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
3/3/2020 - 18:45:46.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\crypt32.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\crypt32.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msasn1.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msasn1.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RECOVERYSTORE.{6C9E6232-4F1A-11E8-8B8A-525400842A13}.DAT
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF31E8A27AA33A1DCA.TMP
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.dat
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.datStaticCache.dat
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6C9E6234-4F1A-11E8-8B8A-525400842A13}.DAT
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF96115008492A9D98.TMP
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.db
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.dat
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\setupapi.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\setupapi.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cfgmgr32.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cfgmgr32.dll
3/3/2020 - 18:45:46.622Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\devobj.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\devobj.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\comdlg32.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
3/3/2020 - 18:45:46.622Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.datStaticCache.dat
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
3/3/2020 - 18:45:46.622Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:46.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
3/3/2020 - 18:45:46.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
3/3/2020 - 18:45:46.715Open1480C:\malware.exeC:\Windows\SysWOW64\mswsock.dll
3/3/2020 - 18:45:46.715Open1480C:\malware.exeC:\Windows\SysWOW64\mswsock.dll
3/3/2020 - 18:45:46.715Open1480C:\malware.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:46.715Open1480C:\malware.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\KernelBase.dllKernelBase.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\gdi32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\lpk.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\usp10.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msvcrt.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\advapi32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcrt4.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shlwapi.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\iertutil.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\normaliz.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msctf.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ole32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaut32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\urlmon.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wininet.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\userenv.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\profapi.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ws2_32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nsi.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\clbcatq.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\crypt32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msasn1.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\setupapi.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cfgmgr32.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\devobj.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Monitor
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\api-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.715Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\version.DLL
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
3/3/2020 - 18:45:46.715Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
3/3/2020 - 18:45:46.731Open1480C:\malware.exeC:\Windows\SysWOW64\netprofm.dll
3/3/2020 - 18:45:46.731Open1480C:\malware.exeC:\Windows\SysWOW64\netprofm.dll
3/3/2020 - 18:45:46.731Open1480C:\malware.exeC:\Windows\SysWOW64\nlaapi.dll
3/3/2020 - 18:45:46.731Open1480C:\malware.exeC:\Windows\SysWOW64\nlaapi.dll
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\CRYPTBASE.DLL
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dll
3/3/2020 - 18:45:46.731Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dll
3/3/2020 - 18:45:46.731Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
3/3/2020 - 18:45:46.731Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEFRAME.dll
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe.Local
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
3/3/2020 - 18:45:46.731Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
3/3/2020 - 18:45:46.731Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
3/3/2020 - 18:45:46.731Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
3/3/2020 - 18:45:46.731Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
3/3/2020 - 18:45:46.747Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe.Local
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
3/3/2020 - 18:45:46.747Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
3/3/2020 - 18:45:46.747Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
3/3/2020 - 18:45:46.809Open1480C:\malware.exeC:\dhcpcsvc6.DLL
3/3/2020 - 18:45:46.809Open1480C:\malware.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
3/3/2020 - 18:45:46.809Unknown1480C:\malware.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
3/3/2020 - 18:45:46.809Open1480C:\malware.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
3/3/2020 - 18:45:46.809Unknown1480C:\malware.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\dwmapi.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
3/3/2020 - 18:45:46.809Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\Secur32.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\SSPICLI.DLL
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:46.809Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\api-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.809Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.809Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:46.856Open1480C:\malware.exeC:\Windows\SysWOW64\npmproxy.dll
3/3/2020 - 18:45:46.856Open1480C:\malware.exeC:\Windows\SysWOW64\npmproxy.dll
3/3/2020 - 18:45:46.856Open1480C:\malware.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:46.856Open1480C:\malware.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:46.856Open1480C:\malware.exeC:\dhcpcsvc.DLL
3/3/2020 - 18:45:46.856Open1480C:\malware.exeC:\Windows\SysWOW64\dhcpcsvc.dll
3/3/2020 - 18:45:46.856Open1480C:\malware.exeC:\Windows\SysWOW64\dhcpcsvc.dll
3/3/2020 - 18:45:46.856Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
3/3/2020 - 18:45:46.856Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
3/3/2020 - 18:45:46.856Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
3/3/2020 - 18:45:46.856Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
3/3/2020 - 18:45:46.872Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
3/3/2020 - 18:45:46.872Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\api-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.872Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.872Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.872Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.872Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:46.918Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
3/3/2020 - 18:45:46.918Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
3/3/2020 - 18:45:46.918Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
3/3/2020 - 18:45:46.918Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
3/3/2020 - 18:45:46.918Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IPHLPAPI.DLL
3/3/2020 - 18:45:46.918Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
3/3/2020 - 18:45:46.918Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
3/3/2020 - 18:45:46.918Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\WINNSI.DLL
3/3/2020 - 18:45:46.918Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
3/3/2020 - 18:45:46.918Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
3/3/2020 - 18:45:46.965Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
3/3/2020 - 18:45:46.965Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
3/3/2020 - 18:45:46.965Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
3/3/2020 - 18:45:46.965Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
3/3/2020 - 18:45:47.12Open1480C:\malware.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
3/3/2020 - 18:45:47.12Open1480C:\malware.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\CRYPTSP.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\RpcRtRemote.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dll
3/3/2020 - 18:45:47.106Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
3/3/2020 - 18:45:47.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dll
3/3/2020 - 18:45:47.106Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wininet.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\malware.exe.Local
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:47.122Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\ws2_32.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\ws2_32.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:47.122Open1480C:\malware.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:47.215Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
3/3/2020 - 18:45:47.215Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\suspend.dll
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.binurlblocklist.bin
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.binurlblocklist.bin
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Monitor
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player\NativeCache
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player\NativeCache
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
3/3/2020 - 18:45:47.309Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
3/3/2020 - 18:45:47.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tracking Protection
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tracking Protection
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\PlayReady
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\PlayReady
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.325Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.340Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:47.340Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:47.340Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:47.340Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:47.340Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:47.340Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:47.340Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.340Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.340Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:47.340Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.340Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.340Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:47.340Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:47.340Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:47.340Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:47.340Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
3/3/2020 - 18:45:47.340Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\DNSAPI.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\NETAPI32.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\netutils.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\srvcli.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\wkscli.dll
3/3/2020 - 18:45:47.387Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
3/3/2020 - 18:45:47.403Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
3/3/2020 - 18:45:47.450Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\rasadhlp.dll
3/3/2020 - 18:45:47.450Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
3/3/2020 - 18:45:47.450Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
3/3/2020 - 18:45:47.450Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEUI.dll
3/3/2020 - 18:45:47.450Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
3/3/2020 - 18:45:47.450Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
3/3/2020 - 18:45:47.450Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
3/3/2020 - 18:45:47.450Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
3/3/2020 - 18:45:47.481Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:47.481Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:47.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
3/3/2020 - 18:45:47.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
3/3/2020 - 18:45:47.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
3/3/2020 - 18:45:47.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.590Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.590Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.590Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.590Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.590Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.590Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.590Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.590Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.606Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.606Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.606Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.606Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.606Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.606Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.606Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.dat
3/3/2020 - 18:45:47.809Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.datStaticCache.dat
3/3/2020 - 18:45:47.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-core-winrt-string-l1-1-0.dll
3/3/2020 - 18:45:47.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dll
3/3/2020 - 18:45:47.809Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
3/3/2020 - 18:45:47.809Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dll
3/3/2020 - 18:45:47.809Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
3/3/2020 - 18:45:47.825Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
3/3/2020 - 18:45:47.825Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
3/3/2020 - 18:45:47.825Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\OLEACCRC.DLL
3/3/2020 - 18:45:47.825Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
3/3/2020 - 18:45:47.825Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
3/3/2020 - 18:45:47.840Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dll
3/3/2020 - 18:45:47.840Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
3/3/2020 - 18:45:47.840Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dll
3/3/2020 - 18:45:47.840Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
3/3/2020 - 18:45:47.840Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
3/3/2020 - 18:45:47.840Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
3/3/2020 - 18:45:47.840Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
3/3/2020 - 18:45:47.840Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
3/3/2020 - 18:45:47.840Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\404[1].htm
3/3/2020 - 18:45:47.887Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\404[1].htm404[1].htm
3/3/2020 - 18:45:47.887Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\404[1].htm404[1].htm
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\404[1].htm404[1].htm
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\404[1].htm
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\404[1].htm
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\404[1].htm404[1].htm
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\404[1].htm404[1].htm
3/3/2020 - 18:45:47.887Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\404[1].htm404[1].htm
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\404[1].htm404[1].htm
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Templates
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Templates
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\cabinet.dll
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Windows\SysWOW64\cabinet.dll
3/3/2020 - 18:45:47.887Open1480C:\malware.exeC:\Windows\SysWOW64\cabinet.dll
3/3/2020 - 18:45:47.887Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\514251
3/3/2020 - 18:45:47.887Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.887Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.887Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.887Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.887Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.887Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.887Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.887Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.887Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.887Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.887Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\PROPSYS.dll
3/3/2020 - 18:45:47.887Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
3/3/2020 - 18:45:47.887Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
3/3/2020 - 18:45:47.887Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:47.887Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:47.887Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
3/3/2020 - 18:45:47.887Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:47.887Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:47.887Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
3/3/2020 - 18:45:47.887Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-core-winrt-string-l1-1-0.dll
3/3/2020 - 18:45:47.903Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\MSIMG32.dll
3/3/2020 - 18:45:47.903Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
3/3/2020 - 18:45:47.903Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
3/3/2020 - 18:45:47.965Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.965Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:47.965Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.965Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.965Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.965Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.965Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:47.965Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.12Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
3/3/2020 - 18:45:48.12Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe.Local
3/3/2020 - 18:45:48.12Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
3/3/2020 - 18:45:48.12Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
3/3/2020 - 18:45:48.12Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
3/3/2020 - 18:45:48.12Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\apphelp.dll
3/3/2020 - 18:45:48.12Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
3/3/2020 - 18:45:48.12Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\en\IEXPLORE.EXE.mui
3/3/2020 - 18:45:48.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-4B6C9213.pf
3/3/2020 - 18:45:48.122Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-4B6C9213.pfIEXPLORE.EXE-4B6C9213.pf
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\$EXTEND
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\$EXTEND
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\$EXTEND
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
3/3/2020 - 18:45:48.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
3/3/2020 - 18:45:48.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\kernel32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\kernel32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\KernelBase.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msvcrt.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msvcrt.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\advapi32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\advapi32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcrt4.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcrt4.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sspicli.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sspicli.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptbase.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptbase.dllcryptbase.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\iertutil.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\iertutil.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\user32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\user32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gdi32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gdi32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\lpk.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\lpk.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\usp10.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\usp10.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\normaliz.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\normaliz.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shlwapi.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shlwapi.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaut32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaut32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\comdlg32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\comdlg32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\userenv.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\userenv.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\profapi.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\profapi.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\urlmon.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\urlmon.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ws2_32.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ws2_32.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nsi.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nsi.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
3/3/2020 - 18:45:48.137Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
3/3/2020 - 18:45:48.137Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\clbcatq.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\clbcatq.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\setupapi.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\setupapi.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cfgmgr32.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cfgmgr32.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\devobj.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\devobj.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wintrust.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wintrust.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\crypt32.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\crypt32.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msasn1.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msasn1.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8CS2PRM4.txt
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8CS2PRM4.txt
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wldap32.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wldap32.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\BCFED8GC.TXT
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I6P0K07S.TXT
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\PT-BR[1].HTM
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netprofm.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netprofm.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nlaapi.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nlaapi.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleacc.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleacc.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaccrc.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaccrc.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\npmproxy.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\npmproxy.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gif
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gife151e5[1].gif
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kvzy[1].png
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kvzy[1].pngBB1kvzy[1].png
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAwBbg7[1].jpg
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAwBbg7[1].jpgAAwBbg7[1].jpg
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAv4RrG[1].jpg
3/3/2020 - 18:45:48.153Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAv4RrG[1].jpgAAv4RrG[1].jpg
3/3/2020 - 18:45:48.153Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\AAwGL0I[1].jpg
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\AAwGL0I[1].jpgAAwGL0I[1].jpg
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].png
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].pngBB8MKSg[1].png
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MIiC[1].png
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MIiC[1].pngBB8MIiC[1].png
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dll
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\b8-2f3a4c-4b5f58d3[1].css
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\b8-2f3a4c-4b5f58d3[1].cssb8-2f3a4c-4b5f58d3[1].css
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat~FontCache-System.dat
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\xmllite.dll
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\xmllite.dll
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xml
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xmlwww.msn[1].xml
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].jsadswrappermsni[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].jsjquery-2.1.1.min[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\41-e73167-68ddb2ab[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\41-e73167-68ddb2ab[1].js41-e73167-68ddb2ab[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat~FontCache-FontFace.dat
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\c64c2a[1].woff
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\c64c2a[1].woffc64c2a[1].woff
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\jscript9.dll.mui
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\jscript9.dll.muijscript9.dll.mui
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S4OWK0RR.txt
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S4OWK0RR.txt
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\OLU3XFVE.txt
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\OLU3XFVE.txt
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\powrprof.dll
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\powrprof.dll
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\times.ttf
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\times.ttf
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\990861[1].svg
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\990861[1].svg990861[1].svg
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\M4DVBFFQ.txt
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\M4DVBFFQ.txt
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA2JbD3[1].png
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA2JbD3[1].pngAA2JbD3[1].png
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S5MKAZSW.txt
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S5MKAZSW.txt
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0SX9NXYL.txt
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0SX9NXYL.txt
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\desktop.ini
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\desktop.ini
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\desktop.ini
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\desktop.ini
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Z075FCUF.TXT
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ast[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ast[1].jsast[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\24-3b1d5e-68ddb2ab[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\24-3b1d5e-68ddb2ab[1].js24-3b1d5e-68ddb2ab[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\chartbeat[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\chartbeat[1].jschartbeat[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winmm.dll
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winmm.dll
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\209I53WF.TXT
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\KKO6BXU4.TXT
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\W15N7ZSW.TXT
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IX7DPVU.TXT
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAnimation.dll
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAnimation.dllUIAnimation.dll
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\VMNAML7Z.TXT
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA3jsXa[1].png
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA3jsXa[1].pngAA3jsXa[1].png
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BBqgb7K[1].png
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BBqgb7K[1].pngBBqgb7K[1].png
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAwGgve[1].jpg
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAwGgve[1].jpgAAwGgve[1].jpg
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAgPBML[1].png
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAgPBML[1].pngAAgPBML[1].png
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.cat
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.cat
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\MSNIdSync[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\MSNIdSync[1].jsMSNIdSync[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.cat
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.cat
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\br_msn_home_vitrine[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\br_msn_home_vitrine[1].jsbr_msn_home_vitrine[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\br_msn_home_vitrine.cfg[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\br_msn_home_vitrine.cfg[1].jsbr_msn_home_vitrine.cfg[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\aep-formats-20.14.0.min[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\aep-formats-20.14.0.min[1].jsaep-formats-20.14.0.min[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\59c177f5d970c300041220e2.tpl.min[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\59c177f5d970c300041220e2.tpl.min[1].js59c177f5d970c300041220e2.tpl.min[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\TaboolaCookieSyncScript[1].js
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\TaboolaCookieSyncScript[1].jsTaboolaCookieSyncScript[1].js
3/3/2020 - 18:45:48.231Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
3/3/2020 - 18:45:48.231Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\59c177f5d970c300041220e2[1].css
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\59c177f5d970c300041220e2[1].css59c177f5d970c300041220e2[1].css
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\58b810[1].gif
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\58b810[1].gif58b810[1].gif
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\msn[1].htm
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\msn[1].htmmsn[1].htm
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\publishertag[1].js
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\publishertag[1].jspublishertag[1].js
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\SILENTPASSPORT[1].HTM
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FZP5WLKE.TXT
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\c08e43[1].jpg
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\c08e43[1].jpgc08e43[1].jpg
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecsExt.dll
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecsExt.dllWindowsCodecsExt.dll
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6.dll
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6.dll
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.mui
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.muiKernelBase.dll.mui
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6r.dll
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6r.dll
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\865070[1].jpg
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\865070[1].jpg865070[1].jpg
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8bd8bf[1].jpg
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8bd8bf[1].jpg8bd8bf[1].jpg
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8adb60[1].jpg
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8adb60[1].jpg8adb60[1].jpg
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\undefined[1].png
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\undefined[1].pngundefined[1].png
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784660[1].jpg
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784660[1].jpg784660[1].jpg
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784659[1].jpg
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784659[1].jpg784659[1].jpg
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784663[1].jpg
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784663[1].jpg784663[1].jpg
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784658[1].jpg
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784658[1].jpg784658[1].jpg
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\async_usersync[1].htm
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\async_usersync[1].htmasync_usersync[1].htm
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\beacon[1].js
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\beacon[1].jsbeacon[1].js
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ASYNC_USERSYNC[1].JS
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\VP5UL7J7.TXT
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\9LD3P0Y8.TXT
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\19O5P9C0.txt
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\19O5P9C0.txt
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imgutil.dll
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imgutil.dll
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\X0AL0GS5.TXT
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\6SGKN470.TXT
3/3/2020 - 18:45:48.247Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IS70EJY.txt
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IS70EJY.txt
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\QSML[2].XML
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\QSML[3].XML
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.cat
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.cat
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\QSML[6].XML
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\GRO8Z4YG.txt
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\GRO8Z4YG.txt
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\D3LNK60R.txt
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\D3LNK60R.txt
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\TOEJ0U6L.TXT
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.tlb
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.tlb
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAutomationCore.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAutomationCore.dllUIAutomationCore.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\psapi.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\psapi.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\C_20127.NLS
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\C_20127.NLS
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wpc.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wpc.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wevtapi.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wevtapi.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samcli.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samcli.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samlib.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samlib.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netutils.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netutils.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.db
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\VCREDIST_X86[1].EXE
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\vcredist_x64.exe
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\vcredist_x64.exe
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\vcredist_x86.exe
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\vcredist_x86.exe
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\2RMLHNN7.TXT
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\V1[1].HTM
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\style[1].css
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\style[1].cssstyle[1].css
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\bing-search-logo[1].png
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\bing-search-logo[1].pngbing-search-logo[1].png
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[1].js
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[1].jsscript[1].js
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\click-run_pt-br[1].jpg
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\click-run_pt-br[1].jpgclick-run_pt-br[1].jpg
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[2].js
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[2].jsscript[2].js
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\1715500327[1].js
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\1715500327[1].js1715500327[1].js
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\jquery-1.8.3.min[1].js
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\jquery-1.8.3.min[1].jsjquery-1.8.3.min[1].js
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W\www.microsoft[1].xml
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W\www.microsoft[1].xmlwww.microsoft[1].xml
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0A8EFV2Z.TXT
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\5DWWY1IU.TXT
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0RSIIBM3.TXT
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\MYD0W1QU.TXT
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mfplat.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mfplat.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\avrt.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\avrt.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[1].eot
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[1].eotlatest[1].eot
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[2].eot
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[2].eotlatest[2].eot
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtmlmedia.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtmlmedia.dllmshtmlmedia.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mf.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mf.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\atl.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\atl.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ksuser.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ksuser.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\t2embed.dll
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\t2embed.dll
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\seguisb.ttf
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\seguisb.ttf
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\latest[1].eot
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\latest[1].eotlatest[1].eot
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\search_icon[1].png
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\search_icon[1].pngsearch_icon[1].png
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\micross.ttf
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\micross.ttf
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ie[1].png
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ie[1].pngie[1].png
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\yellow-arrow[1].png
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\yellow-arrow[1].pngyellow-arrow[1].png
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\Bing[1].png
3/3/2020 - 18:45:48.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\Bing[1].pngBing[1].png
3/3/2020 - 18:45:48.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\windowsupdate[1].png
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\windowsupdate[1].pngwindowsupdate[1].png
3/3/2020 - 18:45:48.340Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
3/3/2020 - 18:45:48.340Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
3/3/2020 - 18:45:48.340Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\LIKE[1].HTM
3/3/2020 - 18:45:48.340Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\xfLjhe25qYs[1].js
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\xfLjhe25qYs[1].jsxfLjhe25qYs[1].js
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.cat
3/3/2020 - 18:45:48.340Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAutomationCore.dllUIAutomationCore.dll
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8CS2PRM4.txt
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaccrc.dll
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gife151e5[1].gif
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kvzy[1].pngBB1kvzy[1].png
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAwBbg7[1].jpgAAwBbg7[1].jpg
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAv4RrG[1].jpgAAv4RrG[1].jpg
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\AAwGL0I[1].jpgAAwGL0I[1].jpg
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].pngBB8MKSg[1].png
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MIiC[1].pngBB8MIiC[1].png
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\b8-2f3a4c-4b5f58d3[1].cssb8-2f3a4c-4b5f58d3[1].css
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat~FontCache-System.dat
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xmlwww.msn[1].xml
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].jsadswrappermsni[1].js
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].jsjquery-2.1.1.min[1].js
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\41-e73167-68ddb2ab[1].js41-e73167-68ddb2ab[1].js
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat~FontCache-FontFace.dat
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\c64c2a[1].woffc64c2a[1].woff
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\jscript9.dll.muijscript9.dll.mui
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S4OWK0RR.txt
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\OLU3XFVE.txt
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\times.ttf
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\990861[1].svg990861[1].svg
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\M4DVBFFQ.txt
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA2JbD3[1].pngAA2JbD3[1].png
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S5MKAZSW.txt
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0SX9NXYL.txt
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\desktop.ini
3/3/2020 - 18:45:48.340Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\desktop.ini
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ast[1].jsast[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\24-3b1d5e-68ddb2ab[1].js24-3b1d5e-68ddb2ab[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\chartbeat[1].jschartbeat[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA3jsXa[1].pngAA3jsXa[1].png
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BBqgb7K[1].pngBBqgb7K[1].png
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAwGgve[1].jpgAAwGgve[1].jpg
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAgPBML[1].pngAAgPBML[1].png
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\MSNIdSync[1].jsMSNIdSync[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\br_msn_home_vitrine[1].jsbr_msn_home_vitrine[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\br_msn_home_vitrine.cfg[1].jsbr_msn_home_vitrine.cfg[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\aep-formats-20.14.0.min[1].jsaep-formats-20.14.0.min[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\59c177f5d970c300041220e2.tpl.min[1].js59c177f5d970c300041220e2.tpl.min[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\TaboolaCookieSyncScript[1].jsTaboolaCookieSyncScript[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\59c177f5d970c300041220e2[1].css59c177f5d970c300041220e2[1].css
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\58b810[1].gif58b810[1].gif
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\msn[1].htmmsn[1].htm
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\publishertag[1].jspublishertag[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\c08e43[1].jpgc08e43[1].jpg
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.muiKernelBase.dll.mui
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6r.dll
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\865070[1].jpg865070[1].jpg
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8bd8bf[1].jpg8bd8bf[1].jpg
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8adb60[1].jpg8adb60[1].jpg
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\undefined[1].pngundefined[1].png
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784660[1].jpg784660[1].jpg
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784659[1].jpg784659[1].jpg
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784663[1].jpg784663[1].jpg
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784658[1].jpg784658[1].jpg
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\async_usersync[1].htmasync_usersync[1].htm
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\beacon[1].jsbeacon[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\19O5P9C0.txt
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IS70EJY.txt
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\GRO8Z4YG.txt
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\D3LNK60R.txt
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.tlb
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\C_20127.NLS
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\vcredist_x64.exe
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\vcredist_x86.exe
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\style[1].cssstyle[1].css
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\bing-search-logo[1].pngbing-search-logo[1].png
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[1].jsscript[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\click-run_pt-br[1].jpgclick-run_pt-br[1].jpg
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[2].jsscript[2].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\1715500327[1].js1715500327[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\jquery-1.8.3.min[1].jsjquery-1.8.3.min[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W\www.microsoft[1].xmlwww.microsoft[1].xml
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[1].eotlatest[1].eot
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[2].eotlatest[2].eot
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\seguisb.ttf
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\latest[1].eotlatest[1].eot
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\search_icon[1].pngsearch_icon[1].png
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\micross.ttf
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ie[1].pngie[1].png
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\yellow-arrow[1].pngyellow-arrow[1].png
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\Bing[1].pngBing[1].png
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\windowsupdate[1].pngwindowsupdate[1].png
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\xfLjhe25qYs[1].jsxfLjhe25qYs[1].js
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:48.356Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\kernel32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msvcrt.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\advapi32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcrt4.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sspicli.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptbase.dllcryptbase.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\iertutil.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\user32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gdi32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\lpk.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\usp10.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\normaliz.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shlwapi.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaut32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\comdlg32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\userenv.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\profapi.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\urlmon.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ws2_32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nsi.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\clbcatq.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\setupapi.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cfgmgr32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\devobj.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wintrust.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\crypt32.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msasn1.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
3/3/2020 - 18:45:48.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wldap32.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netprofm.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nlaapi.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleacc.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\npmproxy.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\xmllite.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\powrprof.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winmm.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAnimation.dllUIAnimation.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecsExt.dllWindowsCodecsExt.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imgutil.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\psapi.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wpc.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wevtapi.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samcli.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samlib.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netutils.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mfplat.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\avrt.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtmlmedia.dllmshtmlmedia.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mf.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\atl.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ksuser.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\t2embed.dll
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64log.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
3/3/2020 - 18:45:48.450Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\version.DLL
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
3/3/2020 - 18:45:48.450Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
3/3/2020 - 18:45:48.465Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
3/3/2020 - 18:45:48.465Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
3/3/2020 - 18:45:48.465Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\api-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:48.465Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:48.465Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:48.465Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:48.465Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
3/3/2020 - 18:45:48.465Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEFRAME.dll
3/3/2020 - 18:45:48.465Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:48.465Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcss.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcss.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
3/3/2020 - 18:45:48.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
3/3/2020 - 18:45:48.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\Secur32.dll
3/3/2020 - 18:45:48.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
3/3/2020 - 18:45:48.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
3/3/2020 - 18:45:48.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:48.543Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:48.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\api-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:48.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:48.543Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:48.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:48.543Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
3/3/2020 - 18:45:48.606Open1480C:\malware.exeC:\Windows\SysWOW64\wininet.dll
3/3/2020 - 18:45:48.606Open1480C:\malware.exeC:\Windows\SysWOW64\wininet.dll
3/3/2020 - 18:45:48.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
3/3/2020 - 18:45:48.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
3/3/2020 - 18:45:48.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
3/3/2020 - 18:45:48.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
3/3/2020 - 18:45:48.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
3/3/2020 - 18:45:48.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
3/3/2020 - 18:45:48.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
3/3/2020 - 18:45:48.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:48.637Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:48.637Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IPHLPAPI.DLL
3/3/2020 - 18:45:48.637Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
3/3/2020 - 18:45:48.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
3/3/2020 - 18:45:48.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\WINNSI.DLL
3/3/2020 - 18:45:48.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
3/3/2020 - 18:45:48.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\CRYPTSP.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.887Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.887Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
3/3/2020 - 18:45:48.887Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\RpcRtRemote.dll
3/3/2020 - 18:45:48.887Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dll
3/3/2020 - 18:45:48.887Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
3/3/2020 - 18:45:48.887Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dll
3/3/2020 - 18:45:48.887Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
3/3/2020 - 18:45:48.981Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:48.981Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:48.981Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:48.981Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
3/3/2020 - 18:45:48.981Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
3/3/2020 - 18:45:48.981Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
3/3/2020 - 18:45:48.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:48.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
3/3/2020 - 18:45:48.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\api-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:48.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:48.981Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:48.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:48.981Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
3/3/2020 - 18:45:48.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dwmapi.dll
3/3/2020 - 18:45:48.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
3/3/2020 - 18:45:48.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
3/3/2020 - 18:45:48.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
3/3/2020 - 18:45:48.981Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
3/3/2020 - 18:45:48.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
3/3/2020 - 18:45:48.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
3/3/2020 - 18:45:49.106Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\MSHTML.dll
3/3/2020 - 18:45:49.106Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
3/3/2020 - 18:45:49.106Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
3/3/2020 - 18:45:49.106Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\d2d1.dll
3/3/2020 - 18:45:49.106Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
3/3/2020 - 18:45:49.106Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
3/3/2020 - 18:45:49.106Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\DWrite.dll
3/3/2020 - 18:45:49.106Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
3/3/2020 - 18:45:49.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
3/3/2020 - 18:45:49.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dxgi.dll
3/3/2020 - 18:45:49.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
3/3/2020 - 18:45:49.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
3/3/2020 - 18:45:49.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:49.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\DXGIDebug.dll
3/3/2020 - 18:45:49.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DXGIDebug.dll
3/3/2020 - 18:45:49.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DXGIDebug.dll
3/3/2020 - 18:45:49.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:49.309Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\bcrypt.dll
3/3/2020 - 18:45:49.309Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
3/3/2020 - 18:45:49.309Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
3/3/2020 - 18:45:49.309Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dll
3/3/2020 - 18:45:49.309Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
3/3/2020 - 18:45:49.309Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dll
3/3/2020 - 18:45:49.309Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:49.684Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\apphelp.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\MLANG.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\PROPSYS.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:49.684Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:49.684Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:49.700Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:49.700Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
3/3/2020 - 18:45:49.700Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:49.700Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:49.700Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:49.700Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:49.700Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:49.700Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:49.700Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:49.700Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
3/3/2020 - 18:45:49.700Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
3/3/2020 - 18:45:49.700Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
3/3/2020 - 18:45:49.778Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\DNSAPI.dll
3/3/2020 - 18:45:49.778Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
3/3/2020 - 18:45:49.778Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
3/3/2020 - 18:45:50.59Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
3/3/2020 - 18:45:50.59Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
3/3/2020 - 18:45:50.231Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\dhcpcsvc6.DLL
3/3/2020 - 18:45:50.231Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dll
3/3/2020 - 18:45:50.231Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
3/3/2020 - 18:45:50.231Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dll
3/3/2020 - 18:45:50.231Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
3/3/2020 - 18:45:50.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\dhcpcsvc.DLL
3/3/2020 - 18:45:50.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
3/3/2020 - 18:45:50.309Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
3/3/2020 - 18:45:50.528Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:50.528Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:50.528Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:50.528Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:50.528Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:50.528Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:50.528Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:50.528Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:50.528Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:50.575Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:50.575Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:50.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\rasadhlp.dll
3/3/2020 - 18:45:50.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
3/3/2020 - 18:45:50.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
3/3/2020 - 18:45:50.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
3/3/2020 - 18:45:50.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
3/3/2020 - 18:45:50.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\SXS.DLL
3/3/2020 - 18:45:50.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
3/3/2020 - 18:45:50.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
3/3/2020 - 18:45:50.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:45:50.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.622Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:50.731Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
3/3/2020 - 18:45:50.825Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEUI.dll
3/3/2020 - 18:45:50.825Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
3/3/2020 - 18:45:50.825Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
3/3/2020 - 18:45:50.981Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\MLANG.dll
3/3/2020 - 18:45:50.981Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
3/3/2020 - 18:45:50.981Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\
3/3/2020 - 18:45:51.28Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000000.db
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\desktop.ini
3/3/2020 - 18:45:51.28Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\desktop.ini
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users
3/3/2020 - 18:45:51.28Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:51.28Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
3/3/2020 - 18:45:51.28Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
3/3/2020 - 18:45:51.28Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
3/3/2020 - 18:45:51.28Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:51.43Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
3/3/2020 - 18:45:51.43Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
3/3/2020 - 18:45:51.43Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
3/3/2020 - 18:45:51.43Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
3/3/2020 - 18:45:51.43Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
3/3/2020 - 18:45:51.43Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
3/3/2020 - 18:45:51.43Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
3/3/2020 - 18:45:51.43Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\iconcache
3/3/2020 - 18:45:51.43Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\url.dll
3/3/2020 - 18:45:51.43Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\url.dll
3/3/2020 - 18:45:51.43Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\url.dll
3/3/2020 - 18:45:51.43Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-core-winrt-string-l1-1-0.dll
3/3/2020 - 18:45:51.43Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
3/3/2020 - 18:45:51.43Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
3/3/2020 - 18:45:51.59Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:45:51.59Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:45:51.59Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\portal[1].htm
3/3/2020 - 18:45:51.59Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\portal[1].htmportal[1].htm
3/3/2020 - 18:45:51.59Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
3/3/2020 - 18:45:51.59Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
3/3/2020 - 18:45:51.59Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
3/3/2020 - 18:45:51.59Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
3/3/2020 - 18:45:51.59Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
3/3/2020 - 18:45:51.59Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
3/3/2020 - 18:45:51.168Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:51.168Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:51.168Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:51.168Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF6A93D9AE8D27B412.TMP~DF6A93D9AE8D27B412.TMP
3/3/2020 - 18:45:51.168Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:51.168Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:45:51.168Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.168Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:45:51.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\credssp.dll
3/3/2020 - 18:45:51.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
3/3/2020 - 18:45:51.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
3/3/2020 - 18:45:51.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
3/3/2020 - 18:45:51.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
3/3/2020 - 18:45:51.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
3/3/2020 - 18:45:51.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
3/3/2020 - 18:45:51.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
3/3/2020 - 18:45:51.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
3/3/2020 - 18:45:51.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
3/3/2020 - 18:45:51.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
3/3/2020 - 18:45:51.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
3/3/2020 - 18:45:51.762Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ncrypt.dll
3/3/2020 - 18:45:51.762Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
3/3/2020 - 18:45:51.762Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
3/3/2020 - 18:45:51.762Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
3/3/2020 - 18:45:51.762Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
3/3/2020 - 18:45:51.762Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
3/3/2020 - 18:45:51.762Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
3/3/2020 - 18:45:51.762Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
3/3/2020 - 18:45:51.762Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
3/3/2020 - 18:45:51.762Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\GPAPI.dll
3/3/2020 - 18:45:51.762Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
3/3/2020 - 18:45:51.762Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
3/3/2020 - 18:45:51.856Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
3/3/2020 - 18:45:51.856Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
3/3/2020 - 18:45:51.856Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dll
3/3/2020 - 18:45:51.856Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dll
3/3/2020 - 18:45:51.856Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\qagentrt.dll
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\cryptnet.dll
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.856Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.856Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:51.856Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:51.856Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:51.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_0EE2D122C664E1B327C8D254AAC8B0DA
3/3/2020 - 18:45:51.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:51.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\SensApi.dll
3/3/2020 - 18:45:51.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
3/3/2020 - 18:45:51.872Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
3/3/2020 - 18:45:51.918Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.918Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.918Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.918Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:51.918Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:51.918Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:51.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\WINHTTP.dll
3/3/2020 - 18:45:51.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
3/3/2020 - 18:45:51.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
3/3/2020 - 18:45:51.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\webio.dll
3/3/2020 - 18:45:51.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
3/3/2020 - 18:45:51.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
3/3/2020 - 18:45:51.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.mui
3/3/2020 - 18:45:51.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dhcpcsvc6.DLL
3/3/2020 - 18:45:51.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
3/3/2020 - 18:45:51.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
3/3/2020 - 18:45:51.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
3/3/2020 - 18:45:51.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
3/3/2020 - 18:45:52.12Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dhcpcsvc.DLL
3/3/2020 - 18:45:52.12Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
3/3/2020 - 18:45:52.12Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
3/3/2020 - 18:45:52.106Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.106Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.106Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.106Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.106Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.575Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.575Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.575Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.575Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:52.575Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:52.575Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:52.575Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:52.575Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:52.575Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:52.575Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:52.575Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:52.575Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.575Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.809Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.809Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.809Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.809Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:52.809Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:52.809Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:52.809Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:52.809Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.809Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001ACF244F1A10D4DBED0D88EBA0C43A9B5_BA1AB6C2BDFDF57799E8116E4002D001
3/3/2020 - 18:45:52.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:52.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67C8E7EC0C85688F4738F3BE49B104BA67
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_69DF2046813864695826996F2B278C43
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.122Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:53.184Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.184Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.184Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.184Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.184Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.184Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:53.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:53.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:53.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:53.965Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:53.965Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.59Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.59Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.59Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.59Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.59Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.59Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.59Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.59Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.59Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.75Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.75Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.75Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.75Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:54.75Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:54.75Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97BC570EC0DE58335AFAF92FDC8E3AA330_2BCC2E9B7AEFC92F77CD4C98C6BBFC97
3/3/2020 - 18:45:54.215Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.215Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.215Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.215Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.215Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.622Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.622Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.622Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.622Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:54.622Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:54.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:54.622Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
3/3/2020 - 18:45:54.622Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.622Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.637Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.637Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.637Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.637Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:45:54.637Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.637Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.637Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.637Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
3/3/2020 - 18:45:54.637Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.637Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.637Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.637Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.637Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.637Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.637Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.637Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.637Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7631945B23D3018655B801BCB0B4636E7631945B23D3018655B801BCB0B4636
3/3/2020 - 18:45:54.997Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
3/3/2020 - 18:45:54.997Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
3/3/2020 - 18:45:54.997Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
3/3/2020 - 18:45:54.997Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
3/3/2020 - 18:45:54.997Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
3/3/2020 - 18:45:54.997Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:54.997Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:54.997Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:59.887Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
3/3/2020 - 18:45:59.887Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:45:59.887Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:45:59.887Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\invalidcert[1]
3/3/2020 - 18:45:59.887Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\invalidcert[1]invalidcert[1]
3/3/2020 - 18:45:59.887Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\invalidcert[1]invalidcert[1]
3/3/2020 - 18:45:59.887Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\invalidcert[1]
3/3/2020 - 18:45:59.887Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\invalidcert[1]invalidcert[1]
3/3/2020 - 18:45:59.934Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
3/3/2020 - 18:45:59.934Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
3/3/2020 - 18:45:59.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
3/3/2020 - 18:45:59.981Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
3/3/2020 - 18:46:0.75Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
3/3/2020 - 18:46:0.75Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
3/3/2020 - 18:46:0.75Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ErrorPageTemplate[1]
3/3/2020 - 18:46:0.262Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ErrorPageTemplate[1]ErrorPageTemplate[1]
3/3/2020 - 18:46:0.262Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ErrorPageTemplate[1]
3/3/2020 - 18:46:0.262Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ErrorPageTemplate[1]ErrorPageTemplate[1]
3/3/2020 - 18:46:0.309Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ErrorPageTemplate[1]ErrorPageTemplate[1]
3/3/2020 - 18:46:0.309Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
3/3/2020 - 18:46:0.309Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
3/3/2020 - 18:46:0.309Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\errorPageStrings[1]
3/3/2020 - 18:46:0.309Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\errorPageStrings[1]errorPageStrings[1]
3/3/2020 - 18:46:0.309Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\errorPageStrings[1]
3/3/2020 - 18:46:0.309Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\errorPageStrings[1]errorPageStrings[1]
3/3/2020 - 18:46:0.309Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\errorPageStrings[1]errorPageStrings[1]
3/3/2020 - 18:46:0.309Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
3/3/2020 - 18:46:0.309Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
3/3/2020 - 18:46:0.325Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:46:0.325Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:46:0.325Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\httpErrorPagesScripts[1]
3/3/2020 - 18:46:0.325Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\httpErrorPagesScripts[1]httpErrorPagesScripts[1]
3/3/2020 - 18:46:0.325Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\httpErrorPagesScripts[1]httpErrorPagesScripts[1]
3/3/2020 - 18:46:0.325Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\httpErrorPagesScripts[1]
3/3/2020 - 18:46:0.325Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\httpErrorPagesScripts[1]httpErrorPagesScripts[1]
3/3/2020 - 18:46:0.372Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
3/3/2020 - 18:46:0.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
3/3/2020 - 18:46:0.372Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\invalidcert[1]
3/3/2020 - 18:46:0.372Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\invalidcert[1]invalidcert[1]
3/3/2020 - 18:46:0.372Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\invalidcert[1]
3/3/2020 - 18:46:0.372Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\invalidcert[1]invalidcert[1]
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\invalidcert[1]invalidcert[1]
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\red_shield_48[1]
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\red_shield_48[1]red_shield_48[1]
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\red_shield_48[1]red_shield_48[1]
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\red_shield_48[1]
3/3/2020 - 18:46:0.418Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\red_shield_48[1]red_shield_48[1]
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\green_shield[1]
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\green_shield[1]green_shield[1]
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\green_shield[1]
3/3/2020 - 18:46:0.418Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\green_shield[1]green_shield[1]
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\green_shield[1]green_shield[1]
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\red_shield[1]
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\red_shield[1]red_shield[1]
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\red_shield[1]
3/3/2020 - 18:46:0.418Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\red_shield[1]red_shield[1]
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\red_shield[1]red_shield[1]
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\down[1]
3/3/2020 - 18:46:0.418Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\down[1]down[1]
3/3/2020 - 18:46:0.418Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\down[1]
3/3/2020 - 18:46:0.418Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\down[1]down[1]
3/3/2020 - 18:46:0.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dll
3/3/2020 - 18:46:0.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
3/3/2020 - 18:46:0.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dll
3/3/2020 - 18:46:0.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
3/3/2020 - 18:46:0.481Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\down[1]down[1]
3/3/2020 - 18:46:0.481Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:46:0.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Read1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
3/3/2020 - 18:46:0.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:46:0.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\d3d11.dll
3/3/2020 - 18:46:0.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
3/3/2020 - 18:46:0.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
3/3/2020 - 18:46:0.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\D3D10Warp.dll
3/3/2020 - 18:46:0.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
3/3/2020 - 18:46:0.543Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
3/3/2020 - 18:46:0.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
3/3/2020 - 18:46:0.543Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
3/3/2020 - 18:46:0.543Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:46:0.559Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
3/3/2020 - 18:46:0.559Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
3/3/2020 - 18:46:0.559Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
3/3/2020 - 18:46:0.559Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
3/3/2020 - 18:46:0.559Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
3/3/2020 - 18:46:0.559Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
3/3/2020 - 18:46:0.559Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
3/3/2020 - 18:46:0.559Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
3/3/2020 - 18:46:0.559Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
3/3/2020 - 18:46:0.559Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
3/3/2020 - 18:46:0.559Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
3/3/2020 - 18:46:0.559Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\background_gradient_red[1]
3/3/2020 - 18:46:0.668Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\background_gradient_red[1]background_gradient_red[1]
3/3/2020 - 18:46:0.668Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\background_gradient_red[1]
3/3/2020 - 18:46:0.668Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\background_gradient_red[1]background_gradient_red[1]
3/3/2020 - 18:46:0.715Unknown1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\background_gradient_red[1]background_gradient_red[1]
3/3/2020 - 18:46:0.715Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeuib.ttf
3/3/2020 - 18:46:0.715Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeuib.ttf
3/3/2020 - 18:46:0.715Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeuib.ttf
3/3/2020 - 18:46:0.856Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{55D408F0-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:5.903Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
3/3/2020 - 18:46:5.903Open1672C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeuib.ttf
3/3/2020 - 18:46:5.934Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\url.dll
3/3/2020 - 18:46:5.934Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\url.dll
3/3/2020 - 18:46:5.934Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\url.dll
3/3/2020 - 18:46:5.934Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\url.dll
3/3/2020 - 18:46:5.934Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\url.dll
3/3/2020 - 18:46:5.934Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\url.dll
3/3/2020 - 18:46:5.997Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ntmarta.dll
3/3/2020 - 18:46:5.997Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntmarta.dll
3/3/2020 - 18:46:5.997Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntmarta.dll
3/3/2020 - 18:46:5.997Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:46:5.997Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:46:5.997Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:5.997Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:46:5.997Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:46:5.997Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:46:6.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
3/3/2020 - 18:46:6.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services
3/3/2020 - 18:46:6.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services
3/3/2020 - 18:46:6.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:46:6.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:46:6.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:46:6.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:46:6.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF796F8536B50A23C8.TMP~DF796F8536B50A23C8.TMP
3/3/2020 - 18:46:6.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat{55D408F2-4F1B-11E8-8B8A-525400842A13}.dat
3/3/2020 - 18:46:6.59Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].ico
3/3/2020 - 18:46:6.59Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
3/3/2020 - 18:46:6.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
3/3/2020 - 18:46:6.106Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
3/3/2020 - 18:46:6.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\favicon[1].png
3/3/2020 - 18:46:6.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\favicon[2].png
3/3/2020 - 18:46:6.106Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\favicon[2].pngfavicon[2].png
3/3/2020 - 18:46:6.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].ico
3/3/2020 - 18:46:6.106Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
3/3/2020 - 18:46:6.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].ico
3/3/2020 - 18:46:6.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].ico
3/3/2020 - 18:46:6.106Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.106Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
3/3/2020 - 18:46:6.106Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
3/3/2020 - 18:46:6.106Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
3/3/2020 - 18:46:6.153Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
3/3/2020 - 18:46:6.153Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Read2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Monitor\Files\DeletedFiles\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Write2336C:\Program Files\Internet Explorer\iexplore.exeC:\Monitor\Files\DeletedFiles\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Delete2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:6.153Unknown2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
3/3/2020 - 18:46:57.856Open2336C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions\pt-BR.1

Process
Trace
3/3/2020 - 18:45:46.497Create1480C:\malware.exe2336C:\Program Files\Internet Explorer\iexplore.exe
3/3/2020 - 18:45:48.59Create2336C:\Program Files\Internet Explorer\iexplore.exe1672C:\Program Files (x86)\Internet Explorer\iexplore.exe

Analysis
Reason
Timeout

Status
Sucessfully Executed

Results
1

Registry
Trace
3/3/2020 - 18:45:46.497Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached{17FE9752-0B5A-4665-84CD-569794602F5C} {7F9185B0-CB92-43C5-80A9-92277A4F7B54} 0xFFFF
3/3/2020 - 18:45:46.512Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
3/3/2020 - 18:45:46.512Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
3/3/2020 - 18:45:46.512Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
3/3/2020 - 18:45:46.512Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
3/3/2020 - 18:45:46.512Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
3/3/2020 - 18:45:46.512Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
3/3/2020 - 18:45:46.512Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
3/3/2020 - 18:45:46.512Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
3/3/2020 - 18:45:46.512Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyEnable
3/3/2020 - 18:45:46.512Delete1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyServer
3/3/2020 - 18:45:46.512Delete1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyOverride
3/3/2020 - 18:45:46.512Delete1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsAutoConfigURL
3/3/2020 - 18:45:46.512Delete1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsAutoDetect
3/3/2020 - 18:45:46.512Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectionsSavedLegacySettings
3/3/2020 - 18:45:46.637Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\ContentCachePrefix
3/3/2020 - 18:45:46.637Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\CookiesCachePrefix
3/3/2020 - 18:45:46.637Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\HistoryCachePrefix
3/3/2020 - 18:45:46.856Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:45:46.856Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:45:46.856Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:45:46.856Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:45:47.215Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:45:47.215Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:45:47.215Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:45:47.215Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:45:47.325Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\ContentCachePrefix
3/3/2020 - 18:45:47.325Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\CookiesCachePrefix
3/3/2020 - 18:45:47.340Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\HistoryCachePrefix
3/3/2020 - 18:45:47.387Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\MainCompatibilityFlags
3/3/2020 - 18:45:47.481Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyEnable
3/3/2020 - 18:45:47.481Delete2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyServer
3/3/2020 - 18:45:47.481Delete2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyOverride
3/3/2020 - 18:45:47.481Delete2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsAutoConfigURL
3/3/2020 - 18:45:47.481Delete2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsAutoDetect
3/3/2020 - 18:45:47.481Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectionsSavedLegacySettings
3/3/2020 - 18:45:47.590Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\Recovery\AdminActive{55D408F0-4F1B-11E8-8B8A-525400842A13}
3/3/2020 - 18:45:47.653Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:45:47.653Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:45:47.653Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:45:47.653Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
3/3/2020 - 18:45:47.809Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZonesSecuritySafe
3/3/2020 - 18:45:47.887Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\MainFullScreen
3/3/2020 - 18:45:47.903Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\MainWindow_Placement
3/3/2020 - 18:45:48.12Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\Recovery\PendingRecoveryAdminActive
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionReason
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionTime
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecision
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadNetworkName
3/3/2020 - 18:45:48.809Delete1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDetectedUrl
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:45:48.809Delete1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:45:48.809Delete1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionReason
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionTime
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecision
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadNetworkName
3/3/2020 - 18:45:48.809Delete1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDetectedUrl
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:45:48.809Delete1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:45:48.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:45:48.809Delete1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:45:49.684Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\ContentCachePrefix
3/3/2020 - 18:45:49.700Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\CookiesCachePrefix
3/3/2020 - 18:45:49.700Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\HistoryCachePrefix
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyEnable
3/3/2020 - 18:45:49.778Delete1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyServer
3/3/2020 - 18:45:49.778Delete1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyOverride
3/3/2020 - 18:45:49.778Delete1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsAutoConfigURL
3/3/2020 - 18:45:49.778Delete1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsAutoDetect
3/3/2020 - 18:45:49.778Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectionsSavedLegacySettings
3/3/2020 - 18:45:50.372Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:45:50.372Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:45:50.372Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:45:50.372Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:45:50.418Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\Main\WindowsSearchUpgradeTime
3/3/2020 - 18:45:50.418Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\Main\WindowsSearchUpgradeTime
3/3/2020 - 18:45:50.575Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionReason
3/3/2020 - 18:45:50.575Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionTime
3/3/2020 - 18:45:50.575Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecision
3/3/2020 - 18:45:50.575Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadNetworkName
3/3/2020 - 18:45:50.575Delete2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDetectedUrl
3/3/2020 - 18:45:50.575Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:45:50.575Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:45:50.575Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:45:50.575Delete2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:45:50.575Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:45:50.575Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:45:50.575Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:45:50.575Delete2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:45:51.856Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
3/3/2020 - 18:45:51.856Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
3/3/2020 - 18:45:51.856Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
3/3/2020 - 18:45:51.856Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
3/3/2020 - 18:45:51.856Write1672C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
3/3/2020 - 18:46:0.856Delete2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\Recovery\AdminActive{00000000-0000-0000-0000-000000000000}
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\EUPP Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\DSPBackupDefaultSearchScope
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\User Preferences88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\SearchScopesDefaultScope
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\EUPP Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\DSPChangeNotice
3/3/2020 - 18:46:5.997Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\User Preferences2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81
3/3/2020 - 18:46:7.28Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionReason
3/3/2020 - 18:46:7.28Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionTime
3/3/2020 - 18:46:7.28Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecision
3/3/2020 - 18:46:7.28Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadNetworkName
3/3/2020 - 18:46:7.28Delete2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDetectedUrl
3/3/2020 - 18:46:7.28Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:46:7.28Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:46:7.28Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:46:7.28Delete2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:46:7.28Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:46:7.28Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:46:7.28Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:46:7.28Delete2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:46:22.168Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:46:22.168Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:46:22.168Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:46:22.168Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
3/3/2020 - 18:47:22.450Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
3/3/2020 - 18:47:22.450Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
3/3/2020 - 18:47:22.450Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
3/3/2020 - 18:47:22.450Write2336C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl

File Summary
Created
Identified: True check_circle

Deleted
Identified: True check_circle

Process Summary
Created
Identified: True check_circle

Deleted
Identified: False cancel

Registry Summary
Proxy
Identified: False cancel

AutoRun
Identified: False cancel

Created
Identified: True check_circle

Deleted
Identified: True check_circle

Browsers
Identified: True check_circle

Internet
Identified: True check_circle

Loading...

DNS
Query
computer localhost arrow_forward computer gateway:DNS code ocsp2.globalsign.com.
computer localhost arrow_forward computer gateway:DNS code ocsp.globalsign.com.
computer localhost arrow_forward computer gateway:59829 code ocsp.globalsign.com.
computer localhost arrow_forward computer gateway:49222 code www.bing.com.
computer localhost arrow_forward computer gateway:49551 code ocsp2.globalsign.com.
computer localhost arrow_forward computer gateway:51595 code crl2.alphassl.com.
computer localhost arrow_forward computer gateway:DNS code crl2.alphassl.com.
computer localhost arrow_forward computer gateway:50043 code crl.globalsign.net.
computer localhost arrow_forward computer gateway:56655 code dns.msftncsi.com.
computer localhost arrow_forward computer gateway:DNS code www.bing.com.
computer localhost arrow_forward computer gateway:50273 code go.microsoft.com.
computer localhost arrow_forward computer gateway:54285 code api.bing.com.
computer localhost arrow_forward computer gateway:DNS code go.microsoft.com.
computer localhost arrow_forward computer gateway:DNS code www.mpdft.mp.br.
computer localhost arrow_forward computer gateway:DNS code api.bing.com.
computer localhost arrow_forward computer gateway:DNS code dns.msftncsi.com.
computer localhost arrow_forward computer gateway:DNS code crl.globalsign.net.

Response
computer gateway:DNS arrow_forward computer localhost code www.bing.com. reply_all 204.79.197.200

computer gateway:DNS arrow_forward computer localhost code go.microsoft.com. reply_all 104.78.56.139

computer gateway:DNS arrow_forward computer localhost code dns.msftncsi.com. reply_all 131.107.255.255

computer gateway:DNS arrow_forward computer localhost code www.mpdft.mp.br. reply_all 200.142.10.2

computer gateway:DNS arrow_forward computer localhost code crl.globalsign.net. reply_all 151.101.254.133

computer gateway:DNS arrow_forward computer localhost code ocsp2.globalsign.com. reply_all 151.101.254.133

computer gateway:DNS arrow_forward computer localhost code ocsp.globalsign.com. reply_all 151.101.254.133

computer gateway:DNS arrow_forward computer localhost code crl2.alphassl.com. reply_all 151.101.254.133

computer gateway:DNS arrow_forward computer localhost code api.bing.com. reply_all 13.107.46.80


TCP
Info
computer localhost:65191 arrow_forward 108.167.188.240:80
computer localhost:65196 arrow_forward 151.101.254.133:80
151.101.254.133:80 arrow_forward computer localhost:65196
200.142.10.2:443 arrow_forward computer localhost:65194
computer localhost:65195 arrow_forward 151.101.254.133:80
computer localhost:65193 arrow_forward 200.142.10.2:80
computer localhost:65198 arrow_forward 151.101.254.133:80
151.101.254.133:80 arrow_forward computer localhost:65195
computer localhost:65192 arrow_forward 200.142.10.2:80
200.142.10.2:80 arrow_forward computer localhost:65193
151.101.254.133:80 arrow_forward computer localhost:65198
200.142.10.2:80 arrow_forward computer localhost:65192
computer localhost:65194 arrow_forward 200.142.10.2:443
computer localhost:65197 arrow_forward 151.101.254.133:80
151.101.254.133:80 arrow_forward computer localhost:65197
108.167.188.240:80 arrow_forward computer localhost:65191

UDP
Info
computer localhost:51595 arrow_forward computer localhost:53
computer localhost:49551 arrow_forward computer localhost:53
computer localhost:55394 arrow_forward computer localhost:53
computer localhost:53 arrow_forward computer localhost:59829
computer localhost:54285 arrow_forward computer localhost:53
computer localhost:53 arrow_forward computer localhost:51595
computer localhost:53 arrow_forward computer localhost:49551
computer localhost:50273 arrow_forward computer localhost:53
computer localhost:49222 arrow_forward computer localhost:53
computer localhost:53 arrow_forward computer localhost:50043
computer localhost:53 arrow_forward computer localhost:50273
computer localhost:53 arrow_forward computer localhost:56655
computer localhost:50043 arrow_forward computer localhost:53
computer localhost:53 arrow_forward computer localhost:54285
computer localhost:53 arrow_forward computer localhost:49222
computer localhost:56655 arrow_forward computer localhost:53
computer localhost:53 arrow_forward computer localhost:55394
computer localhost:59829 arrow_forward computer localhost:53
computer localhost:67 arrow_forward computer localhost:68
computer localhost:68 arrow_forward help_outline 255.255.255.255:67

HTTP
Info
computer localhost send GET www.mpdft.mp.br attach_file /portal/
computer localhost send GET ocsp2.globalsign.com attach_file /gsalphasha2g2/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBSE1Wv4CYvTB7dm2OHrrWWWqmtnYQQU9c3VPAhQ%2BWpPOreX2laD5mnSaPcCDB3eiZbnd7PsptudvA%3D%3D
computer localhost send GET 108.167.188.240 help_outline attach_file /~frigo475/Hunter.jmp
computer localhost send GET ocsp.globalsign.com attach_file /rootr1/MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCCwQAAAAAAURO8DYx
computer localhost send GET crl2.alphassl.com attach_file /gs/gsalphasha2g2.crl
computer localhost send GET 108.167.188.240 help_outline attach_file /404.html
computer localhost send GET crl.globalsign.net attach_file /root.crl

Summary
DNS
True check_circle

TCP
True check_circle

UDP
True check_circle

HTTP
True check_circle

Results
BINARY
KNN (K=3, NFS-BRMalware)
confidence: 100.00%
suspicious: True check_circle

Decision Tree (NFS-BRMalware)
confidence: 100.00%
suspicious: True check_circle

SVC (Kernel=Linear, NFS-BRMalware)
confidence: 40.80%
suspicious: False cancel

MalConv (Ember: Raw Bytes, Threshold=0.5)
confidence: 80.31%
suspicious: False cancel

Random Forest (100 estimators, NFS-BRMalware)
confidence: 68.00%
suspicious: True check_circle

Non-Negative MalConv (Ember: Raw Bytes, Threshold=0.35)
confidence: 89.94%
suspicious: False cancel

LightGDM (Ember: File Characteristics, Threshold=0.8336)
confidence: 99.51%
suspicious: True check_circle

Add to Collection
Download